[Date Prev][Date Next] [Chronological] [Thread] [Top]

Replication question



Hi all,

Pardon me for this very long post.  I'm trying to setup replication
on two servers, master and slave... and client sending the update
(using ldapmodify).  All are using OpenLDAP 1.2.7.

Everything works fine if the update is from client to master.
However, client to slave gives me an 'Insufficient access' error.
It seems like when client connects to master after a referral, it
binds as NULL...

Attached is a sample session below.  I'd really appreciate any
help.


Thanks,
Mike

client sends a modification to slave, and gets referral to master:

slave: conn=3 fd=13 connection from client.internal (192.168.0.3)
accepted.
slave: conn=3 op=0 BIND dn="UID=ROOT,O=DOMAIN.INTERNAL" method=128
slave: conn=3 op=0 RESULT err=0 tag=97 nentries=0
slave: conn=3 op=1 MOD dn="UID=SOME.USER,O=DOMAIN.INTERNAL"
slave: conn=3 op=1 RESULT err=9 tag=103 nentries=0
slave: conn=3 op=2 UNBIND
slave: conn=3 op=2 fd=13 closed errno=0

Using the referral, client sends the modification to master, and gets
an ACL error:

master: conn=6 fd=7 connection from client.internal (192.168.0.3)
accepted.
master: conn=6 op=0 BIND dn="" method=128
master: conn=6 op=0 RESULT err=0 tag=97 nentries=0
master: conn=6 op=1 MOD dn="UID=SOME.USER,O=DOMAIN.INTERNAL"
master: conn=6 op=1 RESULT err=50 tag=103 nentries=0
master: conn=6 op=2 UNBIND
master: conn=6 op=2 fd=7 closed errno=0

At this point, I added "access to * by * write" in slapd.conf of master.
Then tried the update again...

client sends a modification to slave, and gets referral (same as above)
to master:

slave: conn=9 fd=7 connection from client.internal (192.168.0.3)
accepted.
slave: conn=9 op=0 BIND dn="UID=ROOT,O=DOMAIN.INTERNAL" method=128
slave: conn=9 op=0 RESULT err=0 tag=97 nentries=0
slave: conn=9 op=1 MOD dn="UID=SOME.USER,O=DOMAIN.INTERNAL"
slave: conn=9 op=1 RESULT err=9 tag=103 nentries=0

Using the referral, client sends the modification to master, and is
successful:

master: conn=0 fd=7 connection from client.internal (192.168.0.3)
accepted.
master: conn=0 op=0 BIND dn="" method=128
master: conn=0 op=0 RESULT err=0 tag=97 nentries=0
master: conn=0 op=1 MOD dn="UID=SOME.USER,O=DOMAIN.INTERNAL"
master: conn=0 op=1 RESULT err=0 tag=103 nentries=0
master: conn=0 op=2 UNBIND
master: conn=0 op=2 fd=7 closed errno=0

master synchronizes with slave through slurpd:

slave: conn=10 fd=13 connection from master.internal (192.168.0.1)
accepted.
slave: conn=10 op=0 BIND dn="UID=REPLICATOR,O=DOMAIN.INTERNAL"
method=128
slave: conn=10 op=0 RESULT err=0 tag=97 nentries=0
slave: conn=10 op=1 MOD dn="UID=SOME.USER,O=DOMAIN.INTERNAL"
slave: conn=9 op=2 UNBIND
slave: conn=9 op=-1 fd=7 closed errno=0
slave: conn=10 op=1 RESULT err=0 tag=103 nentries=0