Thanks for your suggestion. I have followed the administration guide. But I still cannot solve the problem. My updatedn and updateref seems to be correct. Below are my configuration parameters: Master: access to * by dn="cn=Manager, dc=ccgo, dc=hksarg" write by self write by dn="cn=wsheh, dc=ccgo, dc=hksarg" write by anonymous auth by * none replica host=ccgoweb:389 binddn="cn=wsheh,dc=ccgo,dc=hksarg" bindmethod=simple credentials=wilson replogfile /var/slapd.log Slave: updatedn "cn=wsheh, dc=ccgo, dc=hksarg" updateref ldap://ccgoapp access to * by dn="cn=Manager, dc=ccgo, dc=hksarg" write by self write by dn="cn=wsheh,dc=ccgo,dc=hksarg" write by anonymous auth by * none When I modify on the slave machine: # ldapmodify -x -D "cn=kwan9, dc=ccgo, dc=hksarg" -W -C -f a Enter LDAP Password: modifying entry "cn=kwan9, dc=ccgo, dc=hksarg" ldap_modify: Insufficient access ldif_record() = 50 or # ldapmodify -x -D "cn=kwan9, dc=ccgo, dc=hksarg" -W -f a Enter LDAP Password: modifying entry "cn=kwan9, dc=ccgo, dc=hksarg" ldap_modify: Referral ldif_record() = 10 It seems that when using the option -C, insufficient access occurs. But I don't know how to solve the problem. Do you have any suggestion? Thank you very much! (See attached file: slapd.slave)(See attached file: slapd.master)(See attached file: a) Wilson. From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org> on 03.02.2001 08:14 AM To: Wilson KH Sheh/ITSD/HKSARG@ITSD cc: openldap-software@OpenLDAP.org Subject: Re: Referral from Slave to Master failed in 2.0.7 At 06:31 PM 2/2/01 +0800, Wilson KH Sheh wrote: >Hi, > >I have set up two Red Hat 7, both running openldap 2.0.7. The master to slave >replication works fine. But when I update the slave, I find that only the slave >is updated, but the master is not updated. Then you have not configured the slave to return a referral to the master. Use the admin guide and slapd.conf(5). In particular, you're missing an updateref directive on the slave. Or you are accessing the slave via the updatedn... which you shouldn't do unless you are manually attempting to update the slave to be in sync with the master. >I have tried the above using ldapadd and a LDAP Browser by Jarek Gawor, and the >result is the same (i.e. only master to slave). Do any one has successfully have >the slave to master referral? (i.e. after updating the slave, it will refer the >client to update the master, and the master will then update the slave, as said >in the openldap administrator guide ch.10) > >Thanks a lot. > >Attached please find my slapd.conf for the master and slave. They are quite >simple. > >Regards, >Wilson. > >(See attached file: slapd.master)(See attached file: slapd.slave) >
Attachment:
slapd.slave
Description: Binary data
Attachment:
slapd.master
Description: Binary data
Attachment:
a
Description: Binary data