[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
problem with syncrepl and refreshAndPersist
Hi all!
I'm trying to set up syncRepl functionality with refreshAndPersist
option but I can't get it to work: replication only works in one
direction. Modification of consumer's data using phpLDAPadmin results
in an error message (LDAP_REFERRAL). Currently I'm using OpenLDAP
version 2.3.2 beta with backend bdb db4-4.2.52-7.1 on Red Hat Enterprise
Linux AS 4 (provider) and SuSE Linux 9.2 (consumer). The following is my
configuration and details about the error:
----------------------------------------------------------------------
slapd.conf (Provider):
----------------------------------------------------------------------
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
access to attrs=userPassword
by self write
by * auth
access to dn="cn=root,dc=example,dc=de"
by * none
access to dn.subtree="ou=test1,dc=example,dc=de"
by dn="cn=test1,ou=test1,dc=example,dc=de" write
by * none
access to * by * read
database bdb
suffix "dc=example,dc=de"
rootdn "cn=root,dc=example,dc=de"
rootpw {SSHA}FlnixNQL+hxEt1GCFpomR9Wx1x9ChWPg
directory /usr/local/var/openldap-data
index objectclass eq
index entryCSN,entryUUID eq
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
----------------------------------------------------------------------
slapd.conf (Consumer):
----------------------------------------------------------------------
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
access to attrs=userPassword
by self write
by * auth
access to dn="cn=root,dc=example,dc=de"
by * none
access to dn.subtree="ou=test1,dc=example,dc=de"
by dn="cn=test1,ou=test1,dc=example,dc=de" write
by * none
access to * by * read
database bdb
suffix "dc=example,dc=de"
rootdn "cn=root,dc=example,dc=de"
rootpw {SSHA}FlnixNQL+hxEt1GCFpomR9Wx1x9ChWPg
directory /usr/local/var/openldap-data
index objectClass eq
index entryCSN,entryUUID eq
syncrepl rid=1
provider=ldap://ldap.example.de:389
bindmethod=simple
binddn="cn=test1,ou=test1,dc=example,dc=de"
credentials="secret"
searchbase="dc=example,dc=de"
filter="(objectClass=*)"
attrs="*"
schemachecking=off
scope=sub
type=refreshAndPersist
retry=10,+
updateref ldap://ldap.example.de
overlay syncprov
----------------------------------------------------------------------
phpLDAPadmin Error-Message:
----------------------------------------------------------------------
Error
Could not perform ldap_modify operation.
LDAP said: Referral
Error number: 0x0a (LDAP_REFERRAL)
Description:
----------------------------------------------------------------------
/var/log/messages (Consumer):
----------------------------------------------------------------------
...
conn=27 fd=15 ACCEPT from IP=127.0.0.1:33797 (IP=0.0.0.0:389)
conn=27 op=0 BIND dn="cn=test1,ou=test1,dc=example,dc=de" method=128
conn=27 op=0 BIND dn="cn=test1,ou=test1,dc=example,dc=de" mech=SIMPLE
ssf=0
conn=27 op=0 RESULT tag=97 err=0 text=
conn=27 op=1 MOD dn="cn=0001,ou=test1,dc=example,dc=de"
conn=27 op=1 MOD attr=employeeNumber
conn=27 op=1 RESULT tag=103 err=10 text=
conn=27 op=2 UNBIND
conn=27 fd=15 closed
...
----------------------------------------------------------------------
/var/log/messages (Provider):
----------------------------------------------------------------------
...
conn=1 fd=11 ACCEPT from IP=xxx.xxx.xxx.xxx:33767 (IP=0.0.0.0:389)
conn=1 op=0 BIND dn="cn=test1,ou=test1,dc=example,dc=de" method=128
conn=1 op=0 BIND dn="cn=test1,ou=test1,dc=example,dc=de" mech=SIMPLE ssf=0
conn=1 op=0 RESULT tag=97 err=0 text=
conn=1 op=1 SRCH base="dc=example,dc=de" scope=2 deref=0
filter="(objectClass=*)"
conn=1 op=1 SRCH attr=* structuralObjectClass entryCSN
...
----------------------------------------------------------------------
Thanks!
Timm