[Date Prev][Date Next]
Sync replication and "*Password" attributes
I see a dumb problem trying to implement LDAP Sync Replication in a
group of Debian servers. Everything works fine except userPassword,
sambaLMPassword and sambaNTPassowrd attributes; the replicas (two of
two) just don't have those attributes in any downloaded entries.
Yes, I have checked the access rights: syncrepl binddn has "read" rights
for passwords, and "ldapsearch -H ldap://master..." with RDN and
credentials used in replicas shows everything including all three
Slave logs show nothing useful. "loglevel Args" at slave mentions all
attributes except those "*Password" upon master entry modification.
OpenLDAP version is 2.3.30-5+etch2, the current in Debian Etch. A
proposal to upgrade to 2.4 will not be accepted unless I'll know about
*exact* change in 2.4 fixing this [mis]behavior; just because the master
is a production server.