
Re: slurpd replication problem



Hi Linda,

You missed several things. Some hints, but maybe you should
take a look at the docs too.
master: replica binddn (no updatedn)
slave: updatedn (no replica)
Both DNs must be exactly the same: the replicator that has full
access to the slave (can be the slave's rootdn but should be
a separate user manually added to the slave's directory)

Hope you understand more now!?

regards,
Marjan Knauer

------------------------------------------------------------
Torra IT-Dienstleistungen GmbH
Wollgrasweg 27  -  70599 Stuttgart
Postfach 72 01 61  -  70577 Stuttgart
Telefon: 0711/4705039
Mobil: 0171/6916812
------------------------------------------------------------



----- Original Message -----
From: "Linda Betts" <lbetts@highmark.com>
To: <openldap-software@OpenLDAP.org>
Sent: Friday, February 11, 2005 8:22 PM
Subject: slurpd replication problem



Two openldap 2.2.23 servers (have also tried 2.2.17 and 2.2.20).
Could get syncrepl to work. But want to test experimental multi-master, which I am assuming requires the use of slurpd (?)


Therefore, I edited the portable.h file to have:

#define SLAPD_MULTIMASTER 1

I then edited my slapd.conf file(s) to have the following:

Server 1 slapd.conf:
access to *
by dn="uid=pitt2ch,o=highmark.com" write updatedn="uid=pitt2ch,o=highmark.com"


replogfile      /usr/local/var/openldap-bdb/replica.log
replica host=pgln165.highmark.com:389
        bindmethod=simple
        binddn="uid=ch2pitt,o=highmark.com"
        credentials=mysecret

Server 2 slapd.conf:
access to *
        by dn="uid=ch2pitt,o=highmark.com" write
updatedn="uid=ch2pitt,o=highmark.com"

replogfile      /usr/local/var/openldap-bdb/replica.log
replica host=chln187.highmark.com:389
        bindmethod=simple
        binddn="uid=pitt2ch,o=highmark.com"
        credentials=yoursecret

I started the servers and they came up nicely. I started slurp and it runs. I add user to server with ldapadd. slurpd on server 1 picks up the change and attempts to put to server2. The following error is in ldap.log on server 2:
Feb 11 14:14:28 pgln165 slapd[7955]: conn=0 op=0 BIND dn="uid=ch2pitt,o=highmark.com" method=128
Feb 11 14:14:28 pgln165 slapd[7955]: conn=0 op=0 BIND dn="uid=ch2pitt,o=highmark.com" mech=SIMPLE ssf=0
Feb 11 14:14:28 pgln165 slapd[7955]: conn=0 op=0 RESULT tag=97 err=0 text=
Feb 11 14:14:28 pgln165 slapd[7955]: conn=0 op=1 ADD dn="uid=newuser20,ou=people,o=highmark.com"
Feb 11 14:14:28 pgln165 slapd[7955]: conn=0 op=1 RESULT tag=105 err=19 text=structuralObjectClass: no user modification allowed


Server 1's replica rejection log states:
ERROR: Constraint violation: structuralObjectClass: no user modification allowed
replica: pgln165.highmark.com:389
time: 1108149170.0
dn: uid=newuser20,ou=people,o=highmark.com
changetype: add
uid: newuser20
userPassword:: e1NIQX1qK2kzU2phQjRZWDRhNC9nSlhVamd1Q2hvYU09
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: highmarkextensions
objectClass: onteuser
objectClass: fdxuser
mail: www-admin@highmark.com
givenName: New
sn: User20
cn: New User20
structuralObjectClass: fdxuser
entryUUID: aaf5ef66-10ac-1029-9146-abdb8ceb3fa7
creatorsName: cn=Directory Manager,o=highmark.com
createTimestamp: 20050211191250Z
entryCSN: 20050211191250Z#000001#00#000000
modifiersName: cn=Directory Manager,o=highmark.com
modifyTimestamp: 20050211191250Z


My schema files on both systems are the same and server 2 was loaded with the dbs from server1.

What did I miss in this configuration?
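
The master/slave rules from the reply at the top of this message (replica binddn only on the master, updatedn only on the slave, both naming the same DN) can be checked mechanically. The following is an added example, not part of the original thread or of OpenLDAP: the function names, host names, replicator DN and file path are constructed placeholders, and it covers the plain single-master slurpd layout only.

```python
import shlex

# Constructed sample configs (hosts, DN and path are placeholders, not from the thread).
MASTER = '''
replogfile /var/lib/ldap/replica.log
replica host=slave.example.com:389
        bindmethod=simple
        binddn="cn=replicator,o=example.com"
        credentials=CHANGE_ME
'''
SLAVE = '''
updatedn "cn=Replicator,o=example.com"
updateref ldap://master.example.com
access to *
        by dn="cn=replicator,o=example.com" write
        by * read
'''

def parse_conf(text):
    """Tokenize slapd.conf directives; an indented line continues the previous one."""
    logical = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and logical:
            logical[-1] += " " + raw.strip()
        else:
            logical.append(raw.strip())
    return [shlex.split(line) for line in logical]

def norm(dn):  # simplified DN comparison: case-insensitive, spaces around commas ignored
    return ",".join(part.strip().lower() for part in dn.split(","))

def check_pair(master_conf, slave_conf):
    """Return a list of violations of the master/slave rules from the reply."""
    m, s = parse_conf(master_conf), parse_conf(slave_conf)
    bind_dns = [kv.split("=", 1)[1] for d in m if d[0].lower() == "replica"
                for kv in d[1:] if kv.lower().startswith("binddn=")]
    update_dns = [d[1] for d in s if d[0].lower() == "updatedn" and len(d) > 1]
    names_m = {d[0].lower() for d in m}
    names_s = {d[0].lower() for d in s}
    checks = [("updatedn" in names_m, "master: updatedn present"),
              ("replica" in names_s, "slave: replica present"),
              (not bind_dns, "master: no replica binddn"),
              (not update_dns, "slave: no updatedn")]
    problems = [msg for bad, msg in checks if bad]
    problems += [f"DN mismatch: {b} != {u}" for b in bind_dns for u in update_dns
                 if norm(b) != norm(u)]
    return problems
```

check_pair(MASTER, SLAVE) returns an empty list for the sample pair; any returned string names the rule that the two files break.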