Re: slurpd replication problem

["Marjan Knauer" <knauer@torra.de>]

hi linda,

you missed several things. some hints but maybe you should
take a look to the docs too.
master: replica binddn (no updatedn)
slave: updatedn (no replica)
both dn must exactly be the same: the replicator that has full
access to the slave (can be the slaves rootdn but should be
a separate user manually added to the slaves directory)

hope you understand more now!?

regards,
Marjan Knauer

------------------------------------------------------------
Torra IT-Dienstleistungen GmbH
Wollgrasweg 27  -  70599 Stuttgart
Postfach 72 01 61  -  70577 Stuttgart
Telefon: 0711/4705039
Mobil: 0171/6916812
------------------------------------------------------------



----- Original Message ----- 
From: "Linda Betts" <lbetts@highmark.com>
To: <openldap-software@OpenLDAP.org>
Sent: Friday, February 11, 2005 8:22 PM
Subject: slurpd replication problem


> Two openldap 2.2.23 servers(have also tried 2.2.17 and 2.2.20).
> Could get syncrepl to work.  But want to test experimental multi-master, 
> which I am assuming requires the use of slurpd(?)
>
> Therefore, I edited the portable.h file to have:
>
> #define SLAPD_MULTIMASTER 1
>
> I then edited my slapd.conf file(s)to have the following:
>
> Server 1 slapd.conf:
> access to *
>         by dn="uid=pitt2ch,o=highmark.com" write 
> updatedn="uid=pitt2ch,o=highmark.com"
>
> replogfile      /usr/local/var/openldap-bdb/replica.log
> replica host=pgln165.highmark.com:389
>         bindmethod=simple
>         binddn="uid=ch2pitt,o=highmark.com"
>         credentials=mysecret
>
> Server 2 slapd.conf:
> access to *
>         by dn="uid=ch2pitt,o=highmark.com" write
> updatedn="uid=ch2pitt,o=highmark.com"
>
> replogfile      /usr/local/var/openldap-bdb/replica.log
> replica host=chln187.highmark.com:389
>         bindmethod=simple
>         binddn="uid=pitt2ch,o=highmark.com"
>         credentials=yoursecret
>
> I started the servers and they came up nicely.  I started slurp and it 
> runs.  I add user to server with ldapadd.  slurpd on server 1 picks up the 
> change and attempts to put to server2.  The following error is in ldap.log 
> on server 2:
> Feb 11 14:14:28 pgln165 slapd[7955]: conn=0 op=0 BIND 
> dn="uid=ch2pitt,o=highmark.com" method=128
> Feb 11 14:14:28 pgln165 slapd[7955]: conn=0 op=0 BIND 
> dn="uid=ch2pitt,o=highmark.com" mech=SIMPLE ssf=0
> Feb 11 14:14:28 pgln165 slapd[7955]: conn=0 op=0 RESULT tag=97 err=0 text=
> Feb 11 14:14:28 pgln165 slapd[7955]: conn=0 op=1 ADD 
> dn="uid=newuser20,ou=people,o=highmark.com"
> Feb 11 14:14:28 pgln165 slapd[7955]: conn=0 op=1 RESULT tag=105 err=19 
> text=structuralObjectClass: no user modification allowed
>
> Server 1's replica rejection log states:
> ERROR: Constraint violation: structuralObjectClass: no user modification 
> allowed
> replica: pgln165.highmark.com:389
> time: 1108149170.0
> dn: uid=newuser20,ou=people,o=highmark.com
> changetype: add
> uid: newuser20
> userPassword:: e1NIQX1qK2kzU2phQjRZWDRhNC9nSlhVamd1Q2hvYU09
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: highmarkextensions
> objectClass: onteuser
> objectClass: fdxuser
> mail: www-admin@highmark.com
> givenName: New
> sn: User20
> cn: New User20
> structuralObjectClass: fdxuser
> entryUUID: aaf5ef66-10ac-1029-9146-abdb8ceb3fa7
> creatorsName: cn=Directory Manager,o=highmark.com
> createTimestamp: 20050211191250Z
> entryCSN: 20050211191250Z#000001#00#000000
> modifiersName: cn=Directory Manager,o=highmark.com
> modifyTimestamp: 20050211191250Z
>
> My schema files on both systems are the same and server 2 was loaded with 
> the dbs from server1.
>
> What did I miss in this configuration?