[Date Prev][Date Next] [Chronological] [Thread] [Top]

Syncrepl : Authentication issue



Hello guys,

I'm meeting an issue when configuring ldap replication.
The synchronisation account doesn't authenticate with the provider.

Here are my configuration files :

/etc/ldap/slapd.conf (provider):
-----------------------
moduleload      syncprov
database        bdb
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

index           objectClass,entryCSN,entryUUID eq

/etc/ldap/slapd.conf (consumer):
--------------------------
Syncrepl       rid=666
               provider=ldaps://provider.domain.tld:636/
               type=refreshOnly
               retry="60 10 600 +"
               interval=00:00:30:00
               searchbase="dc=domain,dc=tld"
               scope=sub
               schemachecking=on
               bindmethod=simple
               binddn="cn=syncrepluser,dc=domain,dc=tld"
               credentials=secret



Errors below :
>From consumer
------------
slap_client_connect: URI=ldaps://provider.domain.tld:636/
DN="cn=syncrepluser,dc=domain,dc=tld" ldap_sasl_bind_s failed (49)
do_syncrepl: rid=666 retrying (9 retries left)

>From provider
------------
Nov 26 15:28:47 provider slapd[2514]: do_bind: version=3
dn="cn=syncrepluser,dc=domain,dc=tld" method=128
Nov 26 15:28:47 provider slapd[2514]:
bdb_dn2entry("cn=syncrepluser,dc=domain,dc=tld")
Nov 26 15:28:47 provider slapd[2514]: =>
bdb_dn2id("cn=syncrepluser,dc=domain,dc=tld")
Nov 26 15:28:47 provider slapd[2514]: <= bdb_dn2id: get failed: DB_NOTFOUND: No
matching key/data pair found (-30990)
Nov 26 15:28:47 provider slapd[2514]: send_ldap_result: conn=3 op=0 p=3
Nov 26 15:28:47 provider slapd[2514]: send_ldap_response: msgid=1 tag=97 err=49
Nov 26 15:28:47 provider slapd[2514]: connection_get(14): got connid=3
Nov 26 15:28:47 provider slapd[2514]: connection_read(14): checking for input on
id=3
Nov 26 15:28:47 provider slapd[2514]: ber_get_next on fd 14 failed errno=0
(Success)
Nov 26 15:28:47 provider slapd[2514]: connection_closing: readying conn=3 sd=14
for close
Nov 26 15:28:47 provider slapd[2514]: connection_close: deferring conn=3 sd=14
Nov 26 15:28:47 provider slapd[2514]: conn=3 op=1 do_unbind
Nov 26 15:28:47 provider slapd[2514]: connection_resched: attempting closing
conn=3 sd=14
Nov 26 15:28:47 provider slapd[2514]: connection_close: conn=3 sd=14


Do i have to create an account in the ldap tree?
Is there a problem using SSL?

Thank you for your help.

Regards,
Grifith