
RE: Replication via cn=config



I am not a pro at OpenLDAP but do you need to set up the "frontend" database in replication mode? In my setup, only "cn=config" is set to replicate and that takes care of replication of the "frontend" too such that any ACL changes in "frontend" of one instance propagate to other instances as well.

- Siddhartha


> -----Original Message-----
> From: openldap-technical-bounces+sjain=silverspringnet.com@openldap.org
> [mailto:openldap-technical-
> bounces+sjain=silverspringnet.com@openldap.org] On Behalf Of Marcio
> Merlone
> Sent: Wednesday, May 26, 2010 11:32 AM
> To: openldap-technical@openldap.org
> Subject: Replication via cn=config
> 
> Hi all,
> 
> I am setting a pair of multi-master replicated servers (venus and
> haumea) using Ubuntu 10.04 and OpenLDAP 2.4.21-0ubuntu5. I am following
> the docs at http://www.openldap.org/doc/admin24/replication.html and
> when I get to the part for this ldif:
> 
> dn: olcDatabase={1}frontend,cn=config
> objectClass: olcDatabaseConfig
> objectClass: olcFrontendConfig
> olcDatabase: {1}frontend
> olcSuffix: dc=tld
> olcDbDirectory: ./db
> olcRootDN: cn=admin,dc=tld
> olcRootPW: secret
> olcLimits: dn.exact="cn=admin,dc=tld" time.soft=unlimited
>    time.hard=unlimited size.soft=unlimited size.hard=unlimited
> olcSyncRepl: rid=003 provider=ldap://haumea.tld binddn="cn=admin,dc=tld"
>    bindmethod=simple
>    credentials=secret searchbase="dc=tld" type=refreshOnly
>    interval=00:00:00:10 retry="5 5 300 5" timeout=1
> olcSyncRepl: rid=004 provider=ldap://venus.tld binddn="cn=admin,dc=tld"
>    bindmethod=simple
>    credentials=secret searchbase="dc=tld" type=refreshOnly
>    interval=00:00:00:10 retry="5 5 300 5" timeout=1
> olcMirrorMode: TRUE
> 
> dn: olcOverlay=syncprov,olcDatabase={1}frontend,cn=config
> changetype: add
> objectClass: olcOverlayConfig
> objectClass: olcSyncProvConfig
> olcOverlay: syncprov
> 
> I get this error:
> 
> root@haumea:/etc/ldap# ldapadd -x -H ldap://localhost/ -D
> "cn=admin,cn=config" -W -f replica.ldif
> Enter LDAP Password:
> adding new entry "olcDatabase={1}frontend,cn=config"
> ldap_add: Object class violation (65)
>          additional info: attribute 'olcDbDirectory' not allowed
> 
> root@haumea:/etc/ldap#
> 
> I googled for this but got very few useless results. Can someone point
> me the right direction?
> 
> Thanks and best regards.
> 
> --
> Marcio Merlone