
Can't contact server for syncrepl but can ldapsearch



Hi guys,

I have the following problem: I have two servers, ldap1 and ldap2, that I am trying to sync both ways using syncrepl. However, when I was entering 8 MB of data into ldap1 using ldapadd, the changes were not propagated to, or were not retrieved by, ldap2. What's worse is that ldap2's syncrepl gets a "Can't contact server" error. However, when doing an ldapsearch from the ldap2 terminal to ldap1, the results are displayed.

Additionally, I was doing an ldapsearch in ldap2 while the syncing was going on. Does this have any effect?

Below are the olcDatabase={2}bdb.ldif files from both ldap1 and ldap2.

dn: olcDatabase={2}bdb
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: {2}bdb
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcSyncUseSubentry: FALSE
olcMonitoring: TRUE
olcDbDirectory: /var/lib/ldap
olcDbCacheSize: 1000
olcDbCheckpoint: 1024 15
olcDbNoSync: FALSE
olcDbDirtyRead: FALSE
olcDbIDLcacheSize: 0
olcDbIndex: objectClass pres,eq
olcDbIndex: cn pres,eq,sub
olcDbIndex: uid pres,eq,sub
olcDbIndex: uidNumber pres,eq
olcDbIndex: gidNumber pres,eq
olcDbIndex: mail pres,eq,sub
olcDbIndex: ou pres,eq,sub
olcDbIndex: loginShell pres,eq
olcDbIndex: sn pres,eq,sub
olcDbIndex: givenName pres,eq,sub
olcDbIndex: memberUid pres,eq,sub
olcDbIndex: nisMapName pres,eq,sub
olcDbIndex: nisMapEntry pres,eq,sub
olcDbLinearIndex: FALSE
olcDbMode: 0600
olcDbSearchStack: 16
olcDbShmKey: 0
olcDbCacheFree: 1
olcDbDNcacheSize: 0
structuralObjectClass: olcBdbConfig
entryUUID: 3c9dde1a-f65f-1031-92f3-ef68fd07464c
creatorsName: cn=config
createTimestamp: 20130119083743Z
olcSuffix: dc=myorganization,dc=org
olcRootDN: cn=admin,dc=myorganization,dc=org
olcRootPW: password
olcAccess: {0}to attrs=employeeType by dn="cn=sssd,dc=myorganization,dc=org" read by 
 self read by * none
olcAccess: {1}to attrs=userPassword,shadowLastChange by self write by anonymous auth by * none
olcAccess: {2}to dn.base="" by * none
olcAccess: {3}to * by dn="cn=config" write by dn="cn=sssd,dc=myorganization,dc=org" read by self write by * none
olcSyncrepl: {0}rid=001 provider=ldaps://ldap1.myorganization.org binddn="cn=admin,dc=myorganization,dc=org" 
 bindmethod=simple credentials=password searchbase="dc=myorganization,dc=org" type=refreshOnly
 interval=00:00:05:00 retry="5 5 300 5" timeout=1
olcSyncRepl: {2}rid=002 provider=ldaps://ldap2.myorganization.org binddn="cn=admin,dc=myorganization,dc=org" bindmethod=simple credentials=password searchbase="dc=myorganization,dc=org" type=refreshOnly interval=00:00:05:00 retry="5 5 300 5" timeout=1
olcMirrorMode: TRUE

The ldap1 logs show nothing and the ldap2 logs display the following lines:

do_syncrep2: rid=001 (-1) Can't contact LDAP server
do_syncrepl: rid=001 rc -1 retrying (4 retries left)

I have tried rebooting both the servers but the problem persists. 

I am using OpenLDAP v2.4.23 on a CentOS 6.3 VM.

--
Carlo Santos
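
An added example, not part of the original message: a Python helper that unfolds LDIF continuation lines the way RFC 2849 specifies (the single leading space is dropped and nothing is inserted) and splits an olcSyncrepl value into its parameters, flagging any value that has swallowed the next keyword at a fold. The sample text is constructed from the rid=001 lines as they are laid out above; the function names are hypothetical.

```python
import re

# Constructed sample: the folded olcSyncrepl attribute as laid out in the post.
SAMPLE = (
    'olcSyncrepl: {0}rid=001 provider=ldaps://ldap1.myorganization.org '
    'binddn="cn=admin,dc=myorganization,dc=org" \n'
    ' bindmethod=simple credentials=password '
    'searchbase="dc=myorganization,dc=org" type=refreshOnly\n'
    ' interval=00:00:05:00 retry="5 5 300 5" timeout=1\n'
    'olcMirrorMode: TRUE\n'
)

KEYWORDS = ("rid", "provider", "binddn", "bindmethod", "credentials",
            "searchbase", "type", "interval", "retry", "timeout")
TOKEN = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
FUSED = re.compile(r'(?:%s)=' % "|".join(KEYWORDS))


def unfold(ldif):
    """Join continuation lines (RFC 2849): drop the one leading space only."""
    lines = []
    for line in ldif.splitlines():
        if line.startswith(" ") and lines:
            lines[-1] += line[1:]
        else:
            lines.append(line)
    return lines


def parse_syncrepl(value):
    """Split one olcSyncrepl value into a {keyword: value} dict."""
    value = re.sub(r"^\{\d+\}", "", value.strip())  # drop the {n} ordering prefix
    return {m.group(1).lower(): m.group(2) if m.group(2) is not None else m.group(3)
            for m in TOKEN.finditer(value)}


def fused_keywords(params):
    """Keywords whose value contains another 'keyword=' (separator lost at a fold)."""
    return sorted(k for k, v in params.items() if FUSED.search(v))


def syncrepl_values(ldif):
    """Parsed parameters of every olcSyncrepl attribute in the LDIF text."""
    return [parse_syncrepl(line.split(":", 1)[1])
            for line in unfold(ldif) if line.lower().startswith("olcsyncrepl:")]


if __name__ == "__main__":
    for params in syncrepl_values(SAMPLE):
        print(params.get("rid"), params, "fused:", fused_keywords(params))
```

Whether the file on disk has a trailing space before the second fold cannot be told from the text on this page, so the flag describes the lines as shown here rather than the running configuration.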