slurpd replication, "entryCSN: no user modification allowed"

[Gavin White <gavin.lists@quicksilver.co.nz>]

Hello list,

I am trying to set up a slave to my openldap server using slurpd.  In 
slurpd debug, modifications are greeting with:

Error: ldap_modify_s failed modifying "entryCSN: no user modification 
allowed":

I have set both binddn (on the master) and updatedn (on the slave) to 
the same value as rootdn, so it's not a permissions / acl thing.

I have tried modifying servers/slapd/schema_prep.c on the slave to 
remove all the NO-USER-MODIFICATIONs, then reinstalling and recreating 
the database, and the error is the same.

Versions: The master is openldap-2.1.30 on FreeBSD4.9, the slave is 
openldap-2.1.22 on RH-7.3.

So, it looks like the master is sending ldifs via slurpd to the slave, 
and the slave is refusing to make the modifications, possibly due to a 
hardcoded schema.


The slurpd reject file looks like this:

ERROR: entryCSN: no user modification allowed
replica: ldap:0
time: 1086269077.0
dn: uid=myuser,ou=radius,dc=mydomain,dc=com
changetype: modify
replace: userPassword
userPassword:: ********
-
replace: entryCSN
entryCSN: 2004060313:24:37Z#0x0001#0#0000
-
replace: modifiersName
modifiersName: uid=myadmin,dc=mydomain,dc=com
-
replace: modifyTimestamp
modifyTimestamp: 20040603132437Z


slurpd shows:

Initializing session to ldap:0
bind to ldap:0 as uid=myadmin,dc=mydomain,dc=com (simple)
request 1 done
replica ldap:0 - modify dn "uid=myuser,ou=radius,dc=mydomain,dc=com"
request 2 done
Error: ldap_modify_s failed modifying "entryCSN: no user modification 
allowed": uid=myuser,ou=radius,dc=domain,dc=com
Error: ldap operation failed, data written to 
"/var/db/openldap-slurp/replica/ldap:0.rej"



Have I missed something?  Is it obvious what's wrong?

Thanks,

Gavin