Hello,
I try to replicate the olcAccess, olcLimits and olcDbIndex Attributes
here is the Database where the olcx Attributes located on the Master
----------------
dn: olcDatabase={1}mdb,cn=config
olcAccess: {0}to dn.exact="" by * read
olcAccess: {1}to attr=entry,uid by anonymous auth by * break
...
----------------
I created an ldif to add there olcSyncrepl to the slave:
----------------
dn: olcDatabase={1}mdb,cn=config
changetype: modify
add:olcSyncrepl
olcSyncrepl: rid=001
provider=ldap://ldapserver.example.net
type=refreshandpersist
retry="60 10 120 5"
searchbase="olcDatabase={1}mdb,cn=config"
attrs="olcAccess,olcLimits,olcDbIndex"
bindmethod=simple
binddn="cn=admin,cn=config"
credentials=*****
----------------
When I try to add it to my config i always get:
----------------
root@ldapserver-02:/daten# ldapmodify -Y EXTERNAL -H ldapi:/// -f
sync-config.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
modifying entry "olcDatabase={1}mdb,cn=config"
ldap_modify: Other (e.g., implementation specific) error (80)
additional info: Base DN "olcDatabase={1}mdb,cn=config" is not
within the database naming context
----------------
Here are all dn-entries from the master:
----------------
dn: cn=config
dn: cn=module{0},cn=config
dn: cn=schema,cn=config
dn: cn={0}core,cn=schema,cn=config
dn: cn={1}cosine,cn=schema,cn=config
dn: cn={2}nis,cn=schema,cn=config
dn: cn={3}inetorgperson,cn=schema,cn=config
dn: cn={4}kerberos,cn=schema,cn=config
dn: cn={5}sshkey,cn=schema,cn=config
dn: olcBackend={0}mdb,cn=config
dn: olcDatabase={-1}frontend,cn=config
dn: olcDatabase={0}config,cn=config
dn: olcOverlay={0}syncprov,olcDatabase={0}config,cn=config
dn: olcDatabase={1}mdb,cn=config
dn: olcOverlay={0}memberof,olcDatabase={1}mdb,cn=config
dn: olcOverlay={1}syncprov,olcDatabase={1}mdb,cn=config
dn: olcDatabase={2}mdb,cn=config
----------------
And from the slave:
----------------
dn: cn=config
dn: cn=module{0},cn=config
dn: cn=schema,cn=config
dn: cn={0}core,cn=schema,cn=config
dn: cn={1}cosine,cn=schema,cn=config
dn: cn={2}nis,cn=schema,cn=config
dn: cn={3}inetorgperson,cn=schema,cn=config
dn: cn={4}kerberos,cn=schema,cn=config
dn: cn={5}sshkey,cn=schema,cn=config
dn: olcBackend={0}mdb,cn=config
dn: olcDatabase={-1}frontend,cn=config
dn: olcDatabase={0}config,cn=config
dn: olcDatabase={1}mdb,cn=config
----------------
What do I have to put into the "searchbase"?
Replication of the object-DB is working. But I want the ACLs to be
replicated too. Here is the ldif-file I used to set up the object-db
replication
---------------
dn: olcDatabase={1}mdb,cn=config
changetype: modify
add:olcSyncrepl
olcSyncrepl: rid=000
provider=ldap://ldapserver.example.net
type=refreshandpersist
retry="60 10 120 5"
searchbase="dc=example,dc=net"
filter="(objectClass=*)"
scope=sub
schemachecking=off
bindmethod=simple
binddn="cn=admin,dc=example,dc=net"
credentials=*****
---------------
thank's for any help
Stefan
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature