[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Unable to auth on replica
Hello,
I have set two Ubuntu 8.04 servers running OpenLDAP
2.4.9-0ubuntu0.8.04.2. I have set replication as per the docs. On the
slave, I start with an empty /var/lib/ldap, and when I start the replica
the dir is populated with the files, I am able to anon search, etc.
Great, except my clients are able to auth on the provider but not on the
replica.
Both provider and consumer have the same acls, and the diff from one
conf to another is:
--- slapd.conf 2009-04-02 09:04:42.000000000 -0300
+++ slapd.conf.replica 2009-04-02 09:05:47.000000000 -0300
@@ -60,19 +61,13 @@
# 'database' directive occurs
database hdb
-overlay syncprov
-syncprov-checkpoint 100 10
-syncprov-sessionlog 100
-
-# Let the replica DN have limitless searches
-limits dn.exact="cn=syncrepl,dc=a1,dc=ind" time.soft=unlimited
time.hard=unlimited size.soft=unlimited size.hard=unlimited
-
# The base of your directory in database #1
suffix "dc=a1,dc=ind"
# rootdn directive for specifying a superuser on the database. This is
needed
# for syncrepl.
-# rootdn "cn=admin,dc=a1,dc=ind"
+rootdn "cn=admin,dc=a1,dc=ind"
+
# Where the database file are physically stored for database #1
directory "/var/lib/ldap"
@@ -112,6 +108,21 @@
# Where to store the replica logs for database #1
# replogfile /var/lib/ldap/replog
+syncrepl rid=3
+ provider=ldap://192.168.0.201:389
+ type=refreshAndPersist
+ interval=01:00:00:00
+ searchbase="dc=a1,dc=ind"
+ scope=sub
+ schemachecking=off
+ bindmethod=simple
+ binddn="cn=syncrepl,dc=a1,dc=ind"
+ credentials=xxxxx
+
+
+# updateref ldap://192.168.0.201:389
+
+
# The userPassword by default can be changed
# by the entry owning it if they are authenticated.
# Others should not be able to see it, except the
Any idea on what could be wrong? Thanks in advance for any hint or help.
--
Marcio Merlone