[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problem with chain overlay



"Klaus Nagel" <m_a_i_l@web.de> writes:

> Hello, I have a little problem with the chain overlay and hope, someone
> can help me. I have a master and a slave server (both debian lenny with
> openldap 2.4.11) and a normal syncrepl replication between both, but I
> can't get the chain working.
>
> my slave slapd.conf entries:
>
> moduleload              back_ldap
> overlay                 chain
> chain-uri               "ldap://10.8.0.1:389/";
> chain-rebind-as-user    TRUE
> chain-idassert-bind     bindmethod=simple
>                         binddn="cn=admin,dc=test,dc=de"
>                         credentials=testpw
>                         mode=self
> chain-tls               start
> chain-return-error      TRUE

the global part of my slapd.conf

overlay chain
chain-uri ldap://ldap.avci.de
chain-idassert-bind
        bindmethod=simple
        binddn="cn=replicator,o=avci,c=de"
        credentials="xxx"
        mode=self
        flags=non-prescriptive
        starttls=yes
        tls_cacert=/opt/openldap/etc/openldap/certs/avciCA.pem
        tls_reqcert=demand
chain-return-error TRUE
chain-rebind-as-user TRUE
chain-tls start

-Dieter

-- 
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:8EF7B6C6
53°37'09,95"N
10°08'02,42"E