
Re: [Fwd: Re: userPasswd problem]



I've narrowed it down: this only happens when I have a replogfile
directive in slapd.conf.
I really need some help here.

Regards, Roger

On Wed, 2002-05-15 at 14:41, Roger Helgesen wrote:
> 
> 
> I've now tested my replication and it works. The one problem (as far
> as I know) I have is with changing the password (userPassword).
> 'ldappasswd -x -D "cn=JokkeManager,dc=htg,dc=org" -w secret username -s
> newsecret'
> 
> Result: DSA is unwilling to perform (53)
>  Additional info: authorization database is a read-only replica
> 
> As you can see, I'm running the ldappasswd command as rootdn and still get
> this error!
> Is there anyone who can help me with this?
> 
> regards
> Roger Helgesen
> 
> slapd.conf (I've taken out all the comments to save space)
> 
> ###############################
> 
> include		/etc/openldap/schema/core.schema
> include		/etc/openldap/schema/cosine.schema
> include		/etc/openldap/schema/inetorgperson.schema
> include		/etc/openldap/schema/nis.schema
> include		/etc/openldap/schema/redhat/rfc822-MailMember.schema
> include		/etc/openldap/schema/redhat/autofs.schema
> include		/etc/openldap/schema/redhat/kerberosobject.schema
> include		/etc/openldap/schema/sambatng.schema-v3-egen
> include		/etc/openldap/schema/qmail.schema
> include		/etc/openldap/schema/qmailControl.schema
> 
> 
> ####    My access lists
> 
> access to dn=".*,dc=htg,dc=org" attr=userPassword
> 	by self write
> 	by dn="cn=PondusManager,dc=htg,dc=org" write
> 	by dn="uid=root,ou=SystemBrukere,dc=htg,dc=org" write
> 	by * auth
> 	
> access to dn=".*,dc=htg,dc=org" 
> 	by self write
> 	by dn="cn=PondusManager,dc=htg,dc=org" write
> 	by * read
> 
> access to *
> 	by dn="cn=ReplicaMasterJokke,dc=htg,dc=org" write
> 	by * read
> 
> access to * by * read
> 
> #######################################################################
> # ldbm database definitions
> ######################################################################
> loglevel 264
> 
> database	ldbm
> suffix		"dc=htg,dc=org"
> rootdn		"cn=JokkeManager,dc=htg,dc=org" 
> rootpw		{MD5}XsAM4fAnjvju4pOM9oOrYA==
> 
> password-hash {md5}
> 
> directory	/var/lib/ldap
> # Indices to maintain
> index	objectClass,uid,uidNumber,gidNumber,memberUid	eq
> index	cn,mail,surname,givenname			eq,subinitial
> index	rid						eq
> 
> # Replicas to which we should propagate changes
> replica host=pondus.hau.htg.org:389 
> 	binddn="cn=JokkeManager,dc=htg,dc=org"
> 	bindmethod=simple 
> 	credentials=Yfw98ah7
> 
> replogfile /var/lib/ldap/master-slapd.replog
> 
> updatedn	cn=PondusManager,dc=htg,dc=org
> 
> ########################################################
> 
> On Tue, 2002-05-14 at 10:49, Roger Helgesen wrote:
> > Hi !
> > 
> > I've patched OpenLDAP 2.0.23-4 with the multimaster patch
> > (http://www.openldap.org/lists/openldap-software/200204/msg00681.html)
> > 
> > After that (I believe that's when the problem started) I cannot change
> > userPasswd for users. New users do not get a passwd either.
> > 
> > The userPasswd attr says {crypt}x
> > 
> > When I try to change a user's passwd with 
> > 
> > 'ldappasswd -x -D "cn=manager,dc=htg,dc=org" -w secret username' I get
> > 
> > Result: DSA is unwilling to perform (53)
> > Additional info: authorization database is a read-only replica
> > 
> > I'm confused. Adding and deleting users works fine. And also changing
> > smb passwd (via smbldap-passwd.pl) works fine. 
> > 
> > smbldap-passwd should change both passwd, and it did before.
> > 
> > Could anyone help me?
> > 
> > I'm a novice at LDAP. Do you need more info, slapd.conf ldap.conf?
> > 
> > regards 
> > Roger Helgesen
> > 
> > 
> > 
> 
>