[Date Prev][Date Next]
Re: Slapd Replication Problem
So... I need to add an extra "auth" line for my replication DN? I never saw
that mentioned in the "OpenLDAP Administrator's Guide"; I assumed that
mentioning it as the "updatedn" would be sufficient.
Well, let's take a look at the logs to figure it out:
Sep 13 10:44:07 titan slapd: conn=0 op=0 BIND dn="uid=slapd,ou=Services,dc=precidia" mech=SIMPLE ssf=0
Sep 13 10:44:07 titan slapd: conn=0 op=0 RESULT tag=97 err=0 text=
So you're not failing on the BIND. "auth" privs aren't at issue.
Sep 13 10:44:07 titan slapd: => access_allowed: delete access to "uid=bcwhite,ou=People,dc=precidia" "userPassword" requested
Sep 13 10:44:07 titan slapd: => access_allowed: delete access denied by none(=0)
You're failing on "delete". As slapd.access(5) man page points out, this
requires "write" access. Your replication identity has to be able to write
to the database. It currently cannot.