[Date Prev][Date Next] [Chronological] [Thread] [Top]

Replication error

To: openldap-technical@openldap.org
Subject: Replication error
From: Ervin Hegedüs <airween@gmail.com>
Date: Tue, 10 Oct 2017 17:39:48 +0200
Content-disposition: inline
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:subject:message-id:mime-version:content-disposition :user-agent; bh=TdHZyzPbEvfw2TjGQUiHSybcGU9S+cL0ngo2wSuC+S4=; b=jUXKOI39A9W1hgrv0yfEDdQuVhUDTHsY4KNTcXgMJrXUGY71bb07g851Uerb5Hymr/ SqIpPzowycTDdi6+4d8cskVe5ivB47h/smtHqmR18pF4fNDNnONuzDbcQztB0k6uzzow Z2wBcBolksquLWxuIwWG1k5GVS9X1Q6BUtLhVUgnmQKFR4VDDaNmWXbsFCIoWPRZd6cE 2ZHcsypaTKxzh0NVty26O6EaypnoshPI2ggS5vtqLOlEiR7zAjT02azwF4xFt989W+UC grjhKXBSJFycSLkXcWRQvksc7393AVct01vunwQGA8HbXyHCkHLK6wm8ygS6bhrTDPJL y8DA==
User-agent: Mutt/1.5.24 (2015-08-30)

Hi,

I (think I) setting up completly a master-slave replication.

The replication user can access from the slave (ldapsearch
works).

Here is the config, what I added on slave:

dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcSyncRepl
olcSyncRepl: rid=001
  provider=ldaps://master:636/
  bindmethod=simple
  binddn="uid=repuser,dc=my,dc=domain,dc=hu"
  credentials=SECRET
  searchbase="dc=my,dc=domain,dc=hu"
  scope=sub
  schemachecking=on
  type=refreshAndPersist
  retry="30 5 300 3"
  interval=00:00:05:00
  tls_cacert=/etc/ldap/CAcert.pem
  tls_cert=/etc/ldap/slave_cert.pem
  tls_key=/etc/ldap/slave_key.pem
  tls_reqcert=demand

And now I found these lines in syslog:

Oct 10 17:36:40 open-ldap2 slapd[4640]: Entry (cn=admin,dc=my,dc=domain,dc=hu): object class 'simpleSecurityObject' requires attribute 'userPassword'
Oct 10 17:36:40 open-ldap2 slapd[4640]: null_callback : error code 0x41
Oct 10 17:36:40 open-ldap2 slapd[4640]: syncrepl_entry: rid=001 be_add cn=admin,dc=my,dc=domain,dc=hu failed (65)
Oct 10 17:36:41 open-ldap2 slapd[4640]: do_syncrepl: rid=001 rc 65 retrying (4 retries left)

I think this occures, because the cn=admin,dc=... user is a
simpleSecurityObject, and could't access the userPassword from
the ldapsearch - or not :).


Anyway - how can I solve this problem?

Thanks,

a.

Prev by Date: Question about automounting nfs directories within ldap
Next by Date: Re: Question about automounting nfs directories within ldap
Index(es):
- Chronological
- Thread