[Date Prev][Date Next] [Chronological] [Thread] [Top]
Replication Problem

To: openldap-software@OpenLDAP.org
Subject: Replication Problem
From: TM <offmct@yahoo.com>
Date: Sun, 20 Jun 2004 09:57:25 +0100 (BST)
I've been trying to setup an ldap slave using
openldap-2.1.30 but the slave doesn't seem to get
syncronized with the master. 
This apparently happens when i try to modify a record
in master and slurpd tries to send the changes to the
slaves. Here is a debug i get from the slave's
"/usr/local/libexec/slapd -d4"::::::::::::::::::::::::

[root@cielo openldap]# /usr/local/libexec/slapd -d4
daemon_init: <null>
daemon: socket() failed errno=97 (Address family not
supported by protocol)
bdb_initialize: Sleepycat Software: Berkeley DB
4.2.52: (December  3, 2003)
bdb_db_init: Initializing BDB database
bdb_db_open: dc=rldp,dc=com
slapd starting
connection_get(9)
==> bdb_bind: dn:
cn=Replicator,dc=design1,dc=rldp,dc=com
send_ldap_result: err=49 matched="" text=""
connection_get(9)


Below is my master's
slapd.conf::::::::::::::::::::::::::

# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v
1.23.2.8 2003/05/24 23:19:14 kurt Exp $
#
# See slapd.conf(5) for details on configuration
options.
# This file should NOT be world readable.
#
include        
/usr/local/etc/openldap/schema/core.schema
include        
/usr/local/etc/openldap/schema/cosine.schema
include        
/usr/local/etc/openldap/schema/inetorgperson.schema
include        
/usr/local/etc/openldap/schema/nis.schema

allow bind_v2

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a
working directory
# service AND an understanding of referrals.
#referral       ldap://root.openldap.org

pidfile         /usr/local/var/slapd.pid
argsfile        /usr/local/var/slapd.args

# Load dynamic backend modules:
# modulepath    /usr/local/libexec/openldap
# moduleload    back_bdb.la
# moduleload    back_ldap.la
# moduleload    back_ldbm.la
# moduleload    back_passwd.la
# moduleload    back_shell.la

# Sample security restrictions
#       Require integrity protection (prevent
hijacking)
#       Require 112-bit (3DES or better) encryption
for updates
#       Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
#       Root DSE: allow anyone to read it
#       Subschema (sub)entry DSE: allow anyone to read
it
#       Other DSEs:
#               Allow self write access
#               Allow authenticated users read access
#               Allow anonymous users to authenticate
#       Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
#       by self write
#       by users read
#       by anonymous auth
#
# if no access controls are present, the default
policy is:
#       Allow read by all
#
# rootdn can always write!

#######################################################################
# ldbm database definitions
#######################################################################

database        bdb
#suffix         "dc=my-domain,dc=com"
#rootdn         "cn=Manager,dc=my-domain,dc=com"
suffix         "dc=rldp,dc=com"
rootdn         "cn=Manager,dc=design1,dc=rldp,dc=com"
# Cleartext passwords, especially for the rootdn,
should
# be avoid.  See slappasswd(8) and slapd.conf(5) for
details.
# Use of strong authentication encouraged.
#rootpw         secret
rootpw          {SSHA}tsWjxnJh1DkYSiG434V9xN8m8AFCI83z
# The database directory MUST exist prior to running
slapd AND
# should only be accessible by the slapd and slap
tools.
# Mode 700 recommended.
directory       /usr/local/var/openldap-data
# Indices to maintain
#index  objectClass     eq
index objectClass                       eq,pres
index ou,cn,mail,surname,givenname      eq,pres,sub
index uidNumber,gidNumber,loginShell    eq,pres
index uid,memberUid                     eq,pres,sub
index nisMapName,nisMapEntry            eq,pres,sub

replica uri=ldap://cielo.design1.rldp.com
       
binddn="cn=Replicator,dc=design1,dc=rldp,dc=com"
        bindmethod=simple
credentials={SSHA}55uf5qYLY2w11Ce9GNpTBeVIcCAOtvhF

Below is my slave's
slapd.conf:::::::::::::::::::::::::::::::::::;

# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v
1.23.2.8 2003/05/24 23:19:14 kurt Exp $
#
# See slapd.conf(5) for details on configuration
options.
# This file should NOT be world readable.
#

include        
/usr/local/etc/openldap/schema/core.schema
include        
/usr/local/etc/openldap/schema/cosine.schema
include        
/usr/local/etc/openldap/schema/inetorgperson.schema
include        
/usr/local/etc/openldap/schema/nis.schema
#include        
/usr/local/etc/openldap/schema/redhat/autofs.schema

allow bind_v2

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a
working directory
# service AND an understanding of referrals.
#referral	ldap://root.openldap.org

pidfile		/usr/local/var/slapd.pid
argsfile	/usr/local/var/slapd.args

# Load dynamic backend modules:
# modulepath	/usr/local/libexec/openldap
# moduleload	back_bdb.la
# moduleload	back_ldap.la
# moduleload	back_ldbm.la
# moduleload	back_passwd.la
# moduleload	back_shell.la

# Sample security restrictions
#	Require integrity protection (prevent hijacking)
#	Require 112-bit (3DES or better) encryption for
updates
#	Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
#	Root DSE: allow anyone to read it
#	Subschema (sub)entry DSE: allow anyone to read it
#	Other DSEs:
#		Allow self write access
#		Allow authenticated users read access
#		Allow anonymous users to authenticate
#	Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
#	by self write
#	by users read
#	by anonymous auth
#
# if no access controls are present, the default
policy is:
#	Allow read by all
#
# rootdn can always write!

#######################################################################
# ldbm database definitions
#######################################################################

database	bdb
#suffix		"dc=my-domain,dc=com"
#rootdn		"cn=Manager,dc=my-domain,dc=com"
suffix         "dc=rldp,dc=com"
rootdn        
"cn=Replicator,dc=design1,dc=rldp,dc=com"
# Cleartext passwords, especially for the rootdn,
should
# be avoid.  See slappasswd(8) and slapd.conf(5) for
details.
# Use of strong authentication encouraged.
#rootpw		secret
rootpw		{SSHA}55uf5qYLY2w11Ce9GNpTBeVIcCAOtvhF
updatedn	"cn=Replicator,dc=design1,dc=rldp,dc=com"
# The database directory MUST exist prior to running
slapd AND 
# should only be accessible by the slapd and slap
tools.
# Mode 700 recommended.
directory	/usr/local/var/openldap-data
# Indices to maintain
#index	objectClass	eq
index objectClass                       eq,pres
index ou,cn,mail,surname,givenname      eq,pres,sub
index uidNumber,gidNumber,loginShell    eq,pres
index uid,memberUid                     eq,pres,sub
index nisMapName,nisMapEntry            eq,pres,sub
#syncrepl
updateref ldap://ldap.design1.rldp.com

Is there anything wrong with my config? Any
suggestions to solve the problem? I use
openldap-2.1.30 with bdb-4.2.52. I have copied the
master's db to the slaves db so i'm pretty sure that
they are similar. My ldap doesn't use TLS.

Thanks a lot.

________________________________________________________________________
Yahoo! Messenger - Communicate instantly..."Ping" 
your friends today! Download Messenger Now 
http://uk.messenger.yahoo.com/download/index.html
Follow-Ups:
- Re: Replication Problem
  - From: Quanah Gibson-Mount <quanah@stanford.edu>
- Re: Replication Problem
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Prev by Date: what happend to labeledURI?
Next by Date: Re: what happend to labeledURI?
Index(es):
- Chronological
- Thread