[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Syncrepl and chain Overlay

--On Thursday, December 09, 2004 9:03 PM +0100 Pierangelo Masarati <ando@sys-net.it> wrote:


I'm having some trouble to get the chain overlay to work on a syncrepl
consumer with current HEAD code. My config basically looks like this:

database bdb
suffix "dc=example,dc=com"
rootdn "cn=admin,dc=example,dc=com"
rootpw "secret"
overlay chain
chain-uri ldap://<master-server>
directory /var/lib/ldap
checkpoint 1024 5
cachesize 10000
syncrepl rid=333
updateref ldap://<master-server>
index objectClass,uidNumber,gidNumber eq

When issueing a modify operation on the consumer I just get the referral
as if the chain overlay wasn't there. It doesn't even try to contact the
master server.
I compiled everything (chain-overlay and back-ldap) statically into slapd
in the logs I see, that the chain-overlay is initialized and configured.

Any idea what's going wrong here? Is the above configuration screwed?

didn't go into details reading your config, so there might be something more; one thing I see is tht your configurtion is missing the "chain-acl-authcDN", "chain-acl-passwd" directives that tell the underlying back-ldap what identity to rebind as when following the referral.

I suspect this is required in order to allow auth'd referral chasing when
performing writes.

I'd note that syncrepl out of HEAD is under a bit of change right now as the new overlay rewrite is flushed out, so there may be a number of reasons why particular things don't work.


Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html