[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Slave doen't update Master, Part II
Hi there !
Thanks to some friendly list readers, I got my slave to hand modify requests
to the master ( yes, it DOES work, at least with openldap 2.0.7-6 !).
Well, next problem: I get a "no write access on parent" error, when I try to
insert a new entry on the slave. On the Master, still everything is fine:
grunwalm@winlinux1: > ldapadd -C -D "uid=LdapAdmin,ou=WIN,ou=Wag,dc=test" -w
"secret" -f test.ldif -x -h "winlinux1" -P 3
adding new entry "uid=test, ou=unbekannt, ou=WAG, dc=test"
ldap_add: Insufficient access
additional info: no write access to parent
What would be important here... I give some lines from the slapd.conf files:
###### MASTER: #######
database ldbm
suffix "dc=test"
rootdn "cn=LdapAdmin,ou=WIN,ou=Wag,dc=test"
rootpw {SHA}secret
# Replication
replica host=winlinux1:389
binddn="uid=LdapReplicator,ou=WIN,ou=Wag,dc=test"
bindmethod=simple
credentials=secret
replogfile /var/log/slurpd/slurpd.log
# [ cut ]
# Access controls
defaultaccess read
access to attr=userPassword
by self write
by dn="uid=LdapAdmin,ou=WIN,ou=Wag,dc=test" write
by dn="uid=LdapReplicator,ou=WIN,ou=Wag,dc=test" write
by * compare
access to *
by self write
by dn="uid=LdapAdmin,ou=WIN,ou=Wag,dc=test" write
by dn="uid=LdapReplicator,ou=WIN,ou=Wag,dc=test" write
by * read
###### SLAVE: #########
# [ cut ]
referral ldap://wvi161
# [ cut ]
database ldbm
suffix "dc=test"
rootdn "cn=LdapAdmin,ou=WIN,ou=wag,dc=test"
rootpw {SHA}secret
updatedn "uid=LdapReplicator,ou=WIN,ou=wag,dc=test"
updateref "ldap://wvi161:389"
# [ cut ]
defaultaccess read
#access to attr=userPassword
# by self write
# by dn="uid=LdapReplicator,ou=WIN,ou=wag,dc=test" write
# by * compare
access to *
by dn="uid=LdapReplicator,ou=WIN,ou=wag,dc=test" write
by * read
And here some IMHO strange lines from the masters syslog:
(in order of appearence)
do_bind: version=3 dn="" method=128
do_bind: v3 anonymous bind
# a lot left out
string_expand: pattern: uid=LdapAdmin,ou=WIN,ou=Wag,dc=test
=> string_expand: expanded: uid=LdapAdmin,ou=WIN,ou=Wag,dc=test
=> regex_matches: string:
=> regex_matches: rc: 1 no matches
=> string_expand: pattern: uid=LdapReplicator,ou=WIN,ou=Wag,dc=test
=> string_expand: expanded: uid=LdapReplicator,ou=WIN,ou=Wag,dc=test
=> regex_matches: string:
=> regex_matches: rc: 1 no matches
====> cache_return_entry_w( 51 ): returned (0)
no write access to parent
It seems, the server cant find uid=LdapAdmin ???
I really searched the mailinglist, but the problem never occured together
with replication there...
Really big thank you for your Help...
--
Markus Grunwald
Registered Linux User Nr 101577 PGP Key:
http://counter.li.org http://www.grunwald.2xs.de