[Date Prev][Date Next] [Chronological] [Thread] [Top]

SASL and updatedn



I've been trying to get replication with OpenLDAP2 to work, and 
so far I've been banging my head against the wall to no effect...

Master server configuration             | Slave server configuration
----- s n i p -----                     | ----- s n i p -----
replica    host=localhost:3391          | readonly  off
           tls=critical                 | updatedn  "uid=replicator \+ realm=<MY REALM>"
           bindmethod=sasl              | ----- s n i p -----
           saslmech=GSSAPI              |
replogfile /var/lib/ldap/replog         |
----- s n i p -----                     |
                                        |
If setting the 'readonly' option to     | If removing both readonly and
'on', I get a reject, with the content  | updatedn, I get;
----- s n i p -----                     | ----- s n i p -----
ERROR: DSA is unwilling to perform      | ERROR: Constraint violation
----- s n i p -----                     | ----- s n i p -----


What should the updatedn look like when using SASL/GSSAPI bind?

-- 
 Turbo     __ _     Debian GNU     Unix _IS_ user friendly - it's just 
 ^^^^^    / /(_)_ __  _   ___  __  selective about who its friends are 
         / / | | '_ \| | | \ \/ /   Debian Certified Linux Developer  
  _ /// / /__| | | | | |_| |>  <  Turbo Fredriksson   turbo@tripnet.se
  \\\/  \____/_|_| |_|\__,_/_/\_\ Stockholm/Sweden