[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: replica, slave -----> master, update ?

Howard Chu a écrit :

Quanah Gibson-Mount wrote:

--On Friday, August 20, 2004 4:20 PM +0200 André Chamouleau <Andre.Chamouleau@uhb.fr> wrote:

I configured a slave ldap server and a master ldap server, But the
'updateref' doesn't work,
When I insert/update/delete the data in slave ldap server, The change
will go directly to slave
and never go to master server, Did anybody know what's happen and how to
solve this issue?

How are you inserting the change? ldapadd? slapadd? Are you binding to the replica as the updatedn?

I would guess, from looking at his slave config which has identical rootdn and updatedn, that he bound to the replica as the rootdn and got the updatedn's privileges. This is why the documentation says to use two distinct values for updatedn and rootdn.

so, I have create a "Replicator" user(only on the slave LDAP) and i have add an ACL:

access to *
   by      self write
   by      dn="cn=Replicator,dc=example,dc=com" write
   by      anonymous    auth
my master slapd.conf is now:

database          bdb
suffix                "dc=example,dc=com"
rootdn             "cn=Manager, dc=example,dc=com"
rootpw            secret
directory          /usr/local/var/openldap-data
replogfile          /usr/local/var/openldap-slurp/replog
replica             uri=ldap://
                   binddn="cn=Replicator, dc=example, dc=com"
                   bindmethod=simple            credentials=toto
and my slave slapd.conf is

database           bdb
suffix                "dc=example,dc=com"
rootdn             "cn=Manager, dc=example,dc=com"
updatedn          "cn=Replicator,dc=example,dc=com"
updateref          uri=ldap://
rootpw             secret

But I have the same trouble, ;(
when i am connected to the slave ldap(with "ldap browser") the modification are directly applied to the slave and not to the master
(when i modify the master the modification are applied to the slave,so my slave configuration must be bad,
so it doesn't work like this picture : http://www.openldap.org/doc/admin22/config_repl.gif <--- 2 :referral )
thanks in advance