[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Online config, delta syncrepl and overlay chain

Hi, once again,

> > Under the covers, the chain overlay creates a private back-ldap
> > instance. For dynamically adding with cn=config, you have to create this
> > instance yourself. See the later section of test022-ppolicy in the test
> > suite for an example of how this is done.
> >

yesterday I told you that everything worked after setting up the chain
overlay. I could change objects on the consumer side that got redirected
to the provider.

Yesterday, I stopped the consumer side and tried to start it this day.
But suddenly I get the follwing errors:

=> access_allowed: search access to
"olcDatabase={0}ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config"
"objectClass" requested
<= root access granted
=> access_allowed: search access granted by manage(=mwrscxd)
<= test_filter 6
slapd-chain: first underlying database
"olcDatabase={0}ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config"
cannot contain attribute "olcDbURI".
: config_add_internal:
DN="olcDatabase={0}ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config"
no structural objectClass add function
config error processing
olcDatabase={0}ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config:
send_ldap_result: conn=-1 op=0 p=0
send_ldap_result: err=65 matched="" text=""
slapd destroy: freeing system resources.
slapd stopped.
connections_destroy: nothing to destroy.

Here is, what I added to th consumer to get the chain overlay added:

dn: olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcChainConfig
olcOverlay: {0}chain

dn: olcDatabase=ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config
changetype: add
objectClass: olcLDAPConfig
objectClass: olcChainDatabase
olcDBURI: ldap://10.1.0.3/
olcDbIDAssertBind: bindmethod=simple
  binddn="cn=admin,dc=roessner-net,dc=de"
  credentials=**********
  mode=self

@Dieter: You have shown me your chain solution. You do have two
ldap-directives under chain. Could this be the problem here?

This is my directory structure on the consumer side:

./cn=config:
-rw------- 1 openldap openldap  405 2009-07-19 20:40 cn=module{0}.ldif
drwxr-x--- 2 openldap openldap 4096 2009-07-01 14:57 cn=schema
-rw-r----- 1 openldap openldap  307 2009-07-01 14:25 cn=schema.ldif
drwxr-x--- 3 openldap openldap 4096 2009-07-26 11:20
olcDatabase={-1}frontend
-rw-r----- 1 openldap openldap  390 2009-07-01 14:25
olcDatabase={-1}frontend.ldif
-rw-r----- 1 openldap openldap  406 2009-07-01 14:25
olcDatabase={0}config.ldif
-rw------- 1 openldap openldap 1741 2009-07-02 09:46 olcDatabase={1}hdb.ldif

./cn=config/olcDatabase={-1}frontend:
drwxr-x--- 2 openldap openldap 4096 2009-07-26 11:20 olcOverlay={0}chain
-rw------- 1 openldap openldap  373 2009-07-26 11:20
olcOverlay={0}chain.ldif

./cn=config/olcDatabase={-1}frontend/olcOverlay={0}chain:
-rw------- 1 openldap openldap  510 2009-07-26 11:20
olcDatabase={0}ldap.ldif

Thanks alto for your help in advance.

Christian