
syncrepl binds always fail the first time



Hello,
   Using version 2.4.24, I have a replication server that periodically
queries the provider for updates via refreshOnly. I've noticed that
once slapd is started, the first bind to the replicator DN on the
provider always fails, but subsequent do_syncrepl retries succeed.
Ideally I'd like the first bind to succeed so it pulls in all the data
instead of having to wait <retry> seconds. Is this normal behavior or do
I have something misconfigured?

slapd.conf:

# Global section: schema files loaded when slapd starts.
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/openldap.schema
include /etc/ldap/schema/qmail.schema

# Runtime files and the dynamically loaded hdb backend module.
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
modulepath /usr/lib/ldap
moduleload back_hdb
# "config" logs configuration-file processing only. When diagnosing bind or
# replication failures, adding "stats" (operations and results) or "sync"
# (syncrepl processing) gives considerably more detail.
loglevel config
# bind_anon_dn: a simple bind that supplies a DN but an empty password is
# accepted as an anonymous bind instead of being rejected. Applications that
# treat "bind succeeded" as "password verified" without rejecting empty
# passwords themselves can be misled by this, so enable it only when a client
# actually depends on it.
allow bind_anon_dn

# Database section: hdb backend holding the dc=domain,dc=com subtree.
database hdb
directory /var/lib/ldap
suffix "dc=domain,dc=com"
# The rootdn is not subject to access control. No rootpw line appears in this
# excerpt.
rootdn "cn=Manager,dc=domain,dc=com"
# Equality indexes. entryCSN and entryUUID are the operational attributes that
# syncrepl searches on, so they are indexed alongside objectclass.
index objectclass,entryCSN,entryUUID eq
index uid,memberUid,uidNumber,gidNumber eq
# In-memory entry cache (entries) and IDL/index cache (slots).
cachesize 200
idlcachesize 600
# Checkpoint the backend after 50 KB written or 5 minutes, whichever is first.
checkpoint 50 5

# Consumer side of replication (belongs to the hdb database above).
# refreshOnly: poll the provider every 10 minutes (interval is dd:hh:mm:ss).
# retry="60 5 600 +": after a failure, retry every 60 s five times, then every
# 600 s indefinitely.
#
# Security-relevant points for this directive:
# - bindmethod=simple sends the binddn and credentials unmodified; the ldaps://
#   provider URL is what protects them in transit. No tls_cacert / tls_reqcert
#   option is visible in this excerpt, so how the provider certificate is
#   verified depends on settings not shown here -- confirm.
# - credentials are stored in clear text, so slapd.conf should be readable
#   only by the account slapd runs as.
# - attrs includes userPassword, so password values are copied to this replica.
#   No access directives are visible in this excerpt to restrict who may read
#   them on the consumer -- verify against the full file.
# - schemachecking=off: replicated entries are not checked against the
#   consumer's schema.
#
# Comments are kept above the directive because the indented lines below are
# continuation lines of the single syncrepl statement.
syncrepl rid=001
    provider=ldaps://directory-master.domain.com
    type=refreshOnly
    interval=00:00:10:00
    retry="60 5 600 +"
    searchbase="dc=domain,dc=com"
    filter="(|(&(objectClass=posixAccount)(uid=username))(&(objectClass=posixGroup)(memberUid=username)))"
    scope=sub
    attrs="cn,sn,givenName,homeDirectory,loginShell,ou,uid,uidNumber,userPassword,memberUid,gidNumber"
    schemachecking=off
    bindmethod=simple
    binddn="cn=replicator,dc=domain,dc=com"
    credentials=secret