[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Syncrepl and chain Overlay
> Hi,
>
> I'm having some trouble to get the chain overlay to work on a syncrepl
> consumer with current HEAD code. My config basically looks like this:
>
> -------------------------------------------
> database bdb
> suffix "dc=example,dc=com"
> rootdn "cn=admin,dc=example,dc=com"
> rootpw "secret"
> overlay chain
> chain-uri ldap://<master-server>
> directory /var/lib/ldap
> checkpoint 1024 5
> cachesize 10000
> syncrepl rid=333
> provider="ldap://<master-server>"
> type=refreshOnly
> interval=00:00:01:00
> searchbase="dc=example,dc=com"
> updatedn="cn=syncrepl,dc=example,dc=com"
> bindmethod=simple
> binddn="cn=administrator,dc=example,dc=com"
> credentials="secret"
> updateref ldap://<master-server>
> index objectClass,uidNumber,gidNumber eq
> --------------------------------------------
>
> When issueing a modify operation on the consumer I just get the referral
> back
> as if the chain overlay wasn't there. It doesn't even try to contact the
> master server.
> I compiled everything (chain-overlay and back-ldap) statically into slapd
> and
> in the logs I see, that the chain-overlay is initialized and configured.
>
> Any idea what's going wrong here? Is the above configuration screwed?
didn't go into details reading your config, so there might be something
more; one thing I see is tht your configurtion is missing the
"chain-acl-authcDN", "chain-acl-passwd" directives that tell the
underlying back-ldap what identity to rebind as when following the
referral.
I suspect this is required in order to allow auth'd referral chasing when
performing writes.
p.
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497