[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
need help with slurpd
I start everything with -d 65535 ( ie
master slapd, slave slapd and slurpd on master )
when I updated userpassword on master,
it create the slurpd.replog, but slurpd didn't do anything. nothing
show up on the slave slapd's log or the slurpd log. It looks like
slurpd didn't know it needs to replica.
the last few message on slurpd are
.....
Config: (lastmod on)
Config: ** configuration file successfully
read and parsed
begin replication thread for ldap02.examplecom:389
master's slapd.conf :
============================================================
include
/export/groups/openldap/etc/openldap/schema/core.schema
include
/export/groups/openldap/etc/openldap/schema/corba.schema
include
/export/groups/openldap/etc/openldap/schema/cosine.schema
include
/export/groups/openldap/etc/openldap/schema/inetorgperson.schema
include
/export/groups/openldap/etc/openldap/schema/java.schema
include
/export/groups/openldap/etc/openldap/schema/krb5-kdc.schema
include
/export/groups/openldap/etc/openldap/schema/misc.schema
include
/export/groups/openldap/etc/openldap/schema/nis.schema
include
/export/groups/openldap/etc/openldap/schema/openldap.schema
include
/export/groups/openldap/etc/openldap/schema/qmail.schema
pidfile
/export/groups/openldap/var/slapd.pid
argsfile /export/groups/openldap/var/slapd.args
loglevel 0
database bdb
suffix "dc=ldap01,dc=example,dc=com"
rootdn "uid=root,ou=People,dc=ldap01,dc=example,dc=com"
rootpw password
directory /export/groups/openldap/var/openldap-bdb
replica host=ldap02.example.com:389
binddn="uid=root,ou=People,dc=ldap01,dc=example,dc=com"
bindmethod=simple
credentials=password
replogfile /export/groups/openldap/log/slurpd.replog
index cn,sn,mail,givenname,uid,uidNumber,gidNumber
eq
index objectClass
eq
TLSCipherSuite HIGH:MEDIUM:+SSLv2:RSA
TLSCACertificateFile /export/groups/openldap/cert/ca/ca-example.crt
TLSCertificateFile /export/groups/openldap/cert/ldap01.example.com.ldap.pem.crt
TLSCertificateKeyFile /export/groups/openldap/cert/ldap01.example.com.ldap.
pem
TLSVerifyClient demand
access to dn=".*,ou=People,dc=ldap01,dc=example,dc=com"
attr=userPassword
by self
write
by dn="uid=root,ou=People,dc=ldap01,dc=example,dc=com"
by anonymous
auth
access to dn=".*,ou=People,dc=ldap01,dc=example,dc=com"
attr=shadowMin,shadowMax,shadowWarning,shadowInactive,shadowExpire,shadowFlag
by * read
access to dn=".*,ou=People,dc=ldap01,dc=example,dc=com"
by self
write
by dn="uid=root,ou=People,dc=ldap01,dc=example,dc=com"
by * read
access to dn=".*,dc=ldap01,dc=example,dc=com"
by dn="uid=tester,ou=People,dc=ldap01,dc=example,dc=com"
write
by * read
============================================================
slave's slapd.conf
============================================================
include
/export/groups/openldap/etc/openldap/schema/core.schema
include
/export/groups/openldap/etc/openldap/schema/corba.schema
include
/export/groups/openldap/etc/openldap/schema/cosine.schema
include
/export/groups/openldap/etc/openldap/schema/inetorgperson.schema
include
/export/groups/openldap/etc/openldap/schema/java.schema
include
/export/groups/openldap/etc/openldap/schema/krb5-kdc.schema
include
/export/groups/openldap/etc/openldap/schema/misc.schema
include
/export/groups/openldap/etc/openldap/schema/nis.schema
include
/export/groups/openldap/etc/openldap/schema/openldap.schema
include
/export/groups/openldap/etc/openldap/schema/qmail.schema
pidfile
/export/groups/openldap/var/slapd.pid
argsfile /export/groups/openldap/var/slapd.args
loglevel 0
database bdb
suffix "dc=ldap01,dc=example,dc=com"
rootdn "uid=root,ou=People,dc=ldap01,dc=example,dc=com"
rootpw password
directory /export/groups/openldap/var/openldap-bdb
rootbinddn "uid=root,ou=People,dc=ldap01,dc=example,dc=com"
updatedn "uid=root,ou=People,dc=ldap01,dc=example,dc=com"
updateref ldap://ldap01.example.com:389
index cn,sn,mail,givenname,uid,uidNumber,gidNumber
eq
index objectClass
eq
TLSCipherSuite HIGH:MEDIUM:+SSLv2:RSA
TLSCACertificateFile /export/groups/openldap/cert/ca/ca-example.crt
TLSCertificateFile /export/groups/openldap/cert/ldap02.example.com.ldap.pem.crt
TLSCertificateKeyFile /export/groups/openldap/cert/ldap02.example.com.ldap.pem
TLSVerifyClient demand
access to dn=".*,ou=People,dc=ldap01,dc=example,dc=com"
attr=userPassword
by self
write
by dn="uid=root,ou=People,dc=ldap01,dc=example,dc=com"
by anonymous
auth
access to dn=".*,ou=People,dc=ldap01,dc=example,dc=com"
attr=shadowMin,shadowMax,shadowWarning,shadowInactive,shadowExpire,shadowFlag
by * read
access to dn=".*,ou=People,dc=ldap01,dc=example,dc=com"
by self
write
by dn="uid=root,ou=People,dc=ldap01,dc=example,dc=com"
by * read
access to dn=".*,dc=ldap01,dc=example,dc=com"
by dn="uid=tester,ou=People,dc=ldap01,dc=example,dc=com"
write
by * read
lastmod on
============================================================