Re: slurpd replication, "entryCSN: no user modification allowed"

[Gavin White <gavin.lists@quicksilver.co.nz>]

Kurt D. Zeilenga wrote:

> > Snipped, from an earlier post:
> >
> > on the server, my slapd.conf has:
> > rootdn          "uid=root,dc=mydomain,dc=com"
> > replica         host=ldap://ldap2.mydomain.com:389
> >               binddn="uid=root,dc=domain,dc=com"
> >               bindmethod=simple credentials=mypassword
> >
> > On the slave (ldap2), it has:
> > rootdn          "uid=root,dc=mydomain,dc=com"
> > updatedn        "uid=root,dc=mydomain,dc=com"
>
>
> Note that your binddn != updatedn.  (Note as well that
> the updatedn of the slave should not be same as the
> rootdn of the master.)
>
> Kurt 

Typo.  On the actual server, bindn == rootdn. Trust me, I've sat and 
stared at them, sdiff'ed the files, they are the same.

I also tried creating a new user, and setting it as both updatedn and 
binddn.  I configured the slave ACL such that from the master, I was 
able to ldapadd -h <slave host> , binding as the new user.  However, 
slurpd returned 'invalid credentials'.  This is after copying and 
pasting the DN and password from the successful ldapadd into the binddn 
and updatedn lines in the conf files.

Regards,

Gavin