I think there is no problem with master server search is good with cn=sync and as anonymous:On Thursday 06 March 2008 16:44:21 Julien Garnier wrote:
I just reinstall all my slave server and resynchronize all the database and it's the same : It's OK when I search the master server but doesn't work for the slave server.
What I've done is : reinstall linux install openldap from aptitude (slapd 2.3.30 (Mar 9 2007 05:43:02)) copy paste my config file to /etc/ldap/slapd.conf starting server
and nothing else.
search on base doesn't retrn any results :
Does cn=sync-dr13,ou=people,dc=compagnie,dc=com have unlimited (size/time) access to your provider? Have you tested manually (e.g. with 'ldapsearch -x -H ldap://master:389 -b ou=People,dc=compagnie,dc=com -D cn=sync-dr13,ou=people,dc=compagnie,dc=com -w secret "(cnrsDelegation=DR13*)"') that you can receive all the entries? Or, have you confirmed from the logs on the consumer that the provider search did not return a result=4?
dn: ou=People,dc=compagnie,dc=com structuralObjectClass: organizationalUnit entryUUID: 187a2858-af67-102b-9acf-e50839f4c3d0 creatorsName: cn=ldapmaster,ou=People,dc=compagnie,dc=com modifiersName: cn=ldapmaster,ou=People,dc=compagnie,dc=com createTimestamp: 20070615083520Z modifyTimestamp: 20070615083520Z entryCSN: 20070615083520Z#000001#00#000000 contextCSN: 20080307004124Z#000000#00#000000 entryDN: ou=People,dc=compagnie,dc=com subschemaSubentry: cn=Subschema hasSubordinates: TRUE
If your consumer's binddn can't retrieve all the entries, the initial sync will keep failing, thus the contextCSN will not be added on the consumer
Description: S/MIME Cryptographic Signature