[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Replication Problem

To: Dick Davies <rasputnik@hellooperator.net>
Subject: Re: Replication Problem
From: Stephane Boisvert <sboisvert@softvoyage.com>
Date: Fri, 23 Jul 2004 10:42:22 -0400
Cc: openldap-software@OpenLDAP.org
In-reply-to: <20040723141546.GA16448@lb.tenfour>
Organization: Softvoyage Inc.
References: <20040723095217.1b071c11.sboisvert@softvoyage.com> <20040723141546.GA16448@lb.tenfour>

Sorry i foret to include the ACL .. there is the ACL i am already using .. is it OK ?




access to attr=userPassword
        by self write
        by anonymous auth
        by dn="cn=Manager,dc=softvoyage,dc=com" write
        by dn="cn=replicator,ou=System,dc=softvoyage,dc=com" write
        by * none

access to *
        by dn="cn=Manager,dc=softvoyage,dc=com" write
        by dn="cn=replicator,ou=System,dc=softvoyage,dc=com" write
        by * read





For the root password i dont really care for the moment.. the ldap server is innaccessible for the outside world and the pasword will change when i put the ldap in production.




On Fri, 23 Jul 2004 15:15:46 +0100
Dick Davies <rasputnik@hellooperator.net> wrote:

> * Stephane Boisvert <sboisvert@softvoyage.com> [0705 15:05]:
> > Hi, 
> > 
> >    I know many people asked this question but im not able to establish a two way replication with 1 master and 1 slave. Does i need to add a referral object into my directory ? I followed the documentation and i always get this errors
> > 
> > 
> > on the .rej file:
> > 
> > 
> > ERROR: Referral
> > replica: slave1.ldap:389
> > time: 1090590585.0
> 
> > replogfile /var/lib/ldap/replica/replog
> > 
> > and the slapd.conf on the slave
> > 
> > 
> > database        bdb
> > suffix          "dc=softvoyage,dc=com"
> > rootdn          "cn=Manager,dc=softvoyage,dc=com"
> > rootpw          {MD5}TCKjnd9NwiJ9H9YDoZJTEg==
> > 
> > directory       /var/lib/ldap
> > 
> > index   objectClass,uid,uidNumber,gidNumber     eq
> > index   cn,mail,surname,givenname               eq,subinitial
> > 
> > 
> > updatedn        "cn=replicator,ou=System,dc=softvoyage,dc=com"
> > updateref       "ldap://192.168.211.145:389";
> 
> I think you need an acl here to let the updatedn DN write to the directory.
> You also need that DN to exist in the slave with a valid password.
> 
> (also change that rootdn - md5 isn't very secure and you just gave the world your root password ).
> 
> 
> -- 
> The grand leap of the whale up the Fall of Niagara is esteemed, by all
> who have seen it, as one of the finest spectacles in nature.
> 		-- Benjamin Franklin
> Rasputin :: Jack of All Trades - Master of Nuns

References:
- Replication Problem
  - From: Stephane Boisvert <sboisvert@softvoyage.com>
- Re: Replication Problem
  - From: Dick Davies <rasputnik@hellooperator.net>

Prev by Date: Re: Replication Problem
Next by Date: RE: openldap up; can't db_stat
Index(es):
- Chronological
- Thread