RE: slurpd trouble
1) TLS connect failure
TLS trace: SSL3 alert read:fatal:handshake failure
TLS trace: SSL_connect:error in SSLv2/v3 read server hello A
TLS: can't connect.
ldap_err2string
Warning: ldap_start_tls failed: Connect error (-11)
If you do not have an SSL Server for the LDAP Servers, remove "tls=yes"
from the "replica" directive in slapd.conf at MASTER
2) Invalid DN syntax
Error: ldap_simple_bind_s for bms-serve.bloomfield.k12.mo.us:389 failed:
Invalid DN syntax
Make sure you add "cn=replica,dc=bes-serve,dc=bloomfield.k12.mo.us" with
a userPassword of "secret" to MASTER prior to copying the database over.
Here I wonder if someone in this forum could comment on whether "-" and "."
characters are allowed for naming of domain components (dc)?
3) You have the password of replica binddn set to:
credentials='secret'
I think the enclosing single quotes are not really needed; try removing
them, just make it:
credentials=secret
Gary
-----Original Message-----
From: owner-openldap-software@OpenLDAP.org
[mailto:owner-openldap-software@OpenLDAP.org] On Behalf Of Scott Mayo
Sent: Thursday, June 30, 2005 1:33 AM
To: openldap-software@OpenLDAP.org
Subject: slurpd trouble
I have been having a lot of trouble getting my replication to work. So
far, I have set up a Master
server(10.0.0.4=bes-serve.bloomfield.k12.mo.us) and a Slave
server(10.0.0.6=bms-serve.bloomfield.k12.mo.us). I added two users onto
the Master server and then copied the database over to the slave. I
started slapd up on both machines. I then added another user on the
Master. I started slurpd in one-shot mode to see why it does not
update. Here is the last part of the error that I get and then it never
returns me to the command prompt.
Config: ** configuration file successfully read and parsed
Config: (allow bind_v2)
Config: (pidfile /var/run/slapd.pid)
Config: (argsfile /var/run/slapd.args)
Config: (loglevel -1)
Config: (database bdb)
Config: (suffix "dc=bes-serve,dc=bloomfield.k12.mo.us")
Config: (rootdn
"cn=Manager,dc=bes-serve,dc=bloomfield.k12.mo.us")
Config: (rootpw secret)
Config: (directory /var/lib/ldap)
Config: (index objectClass eq)
Config: (index cn eq,pres,sub)
Config: (index sn eq,pres,sub)
Config: (index uid eq,pres,sub)
Config: (index displayName eq,pres,sub)
Config: (index uidNumber eq)
Config: (index gidNumber eq)
Config: (index memberUid eq)
Config: (index sambaSID eq)
Config: (index sambaPrimaryGroupSID eq)
Config: (index sambaDomainName eq)
Config: (index default sub)
Config: (replogfile /var/lib/ldap/replog)
Config: (replica uri=ldap://bms-serve.bloomfield.k12.mo.us:389
suffix="dc=bes-serve,dc=bloomfield.k12.mo.us"
binddn="cn=replica,dc=bes-serve,bloomfield.k12.mo.us" bindmethod=simple
credentials='secret' tls=yes)
ldap_url_parse_ext(ldap://bms-serve.bloomfield.k12.mo.us:389)
Config: ** successfully added replica
"bms-serve.bloomfield.k12.mo.us:389"
Config: ** configuration file successfully read and parsed
Processing in one-shot mode: 38 total replication records in file, 38 replication records to process.
begin replication thread for bms-serve.bloomfield.k12.mo.us:389
Initializing session to ldap://bms-serve.bloomfield.k12.mo.us:389
ldap_create
ldap_url_parse_ext(ldap://bms-serve.bloomfield.k12.mo.us:389)
ldap_extended_operation_s
ldap_extended_operation
ldap_send_initial_request
ldap_new_connection
ldap_int_open_connection
ldap_connect_to_host: TCP bms-serve.bloomfield.k12.mo.us:389
ldap_new_socket: 6
ldap_prepare_socket: 6
ldap_connect_to_host: Trying 10.0.0.6:389
ldap_connect_timeout: fd: 6 tm: -1 async: 0
ldap_ndelay_on: 6
ldap_is_sock_ready: 6
ldap_ndelay_off: 6
ldap_open_defconn: successful
ldap_send_server_request
ber_flush: 31 bytes to sd 6
0000: 30 1d 02 01 01 77 18 80 16 31 2e 33 2e 36 2e 31
0....w...1.3.6.1
0010: 2e 34 2e 31 2e 31 34 36 36 2e 32 30 30 33 37
.4.1.1466.20037
ldap_write: want=31, written=31
0000: 30 1d 02 01 01 77 18 80 16 31 2e 33 2e 36 2e 31
0....w...1.3.6.1
0010: 2e 34 2e 31 2e 31 34 36 36 2e 32 30 30 33 37
.4.1.1466.20037
ldap_result msgid 1
ldap_chkResponseList for msgid=1, all=1
ldap_chkResponseList returns NULL
wait4msg (infinite timeout), msgid 1
wait4msg continue, msgid 1, all 1
** Connections:
* host: bms-serve.bloomfield.k12.mo.us port: 389 (default)
refcnt: 2 status: Connected
last used: Wed Jun 29 12:06:38 2005
** Outstanding Requests:
* msgid 1, origid 1, status InProgress
outstanding referrals 0, parent count 0
** Response Queue:
Empty
ldap_chkResponseList for msgid=1, all=1
ldap_chkResponseList returns NULL
ldap_int_select
read1msg: msgid 1, all 1
ber_get_next
ldap_read: want=8, got=8
0000: 30 0c 02 01 01 78 07 0a 0....x..
ldap_read: want=6, got=6
0000: 01 00 04 00 04 00 ......
ber_get_next: tag 0x30 len 12 contents:
ber_dump: buf=0x552ac108d0 ptr=0x552ac108d0 end=0x552ac108dc len=12
0000: 02 01 01 78 07 0a 01 00 04 00 04 00
...x........
ldap_read: message type extended-result msgid 1, original id 1
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x552ac108d0 ptr=0x552ac108d3 end=0x552ac108dc len=9
0000: 78 07 0a 01 00 04 00 04 00 x........
read1msg: 0 new referrals
read1msg: mark request completed, id = 1
request 1 done
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_free_connection
ldap_free_connection: refcnt 1
ldap_parse_extended_result
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x552ac108d0 ptr=0x552ac108d3 end=0x552ac108dc len=9
0000: 78 07 0a 01 00 04 00 04 00 x........
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x552ac108d0 ptr=0x552ac108d3 end=0x552ac108dc len=9
0000: 78 07 0a 01 00 04 00 04 00 x........
ber_scanf fmt (}) ber:
ber_dump: buf=0x552ac108d0 ptr=0x552ac108dc end=0x552ac108dc len=0
ldap_msgfree
TLS trace: SSL_connect:before/connect initialization
tls_write: want=142, written=142
0000: 80 8c 01 03 01 00 63 00 00 00 20 00 00 39 00 00 ......c...
..9..
0010: 38 00 00 35 00 00 16 00 00 13 00 00 0a 07 00 c0
8..5............
0020: 00 00 33 00 00 32 00 00 2f 03 00 80 00 00 66 00
..3..2../.....f.
0030: 00 05 00 00 04 01 00 80 08 00 80 00 00 63 00 00
.............c..
0040: 62 00 00 61 00 00 15 00 00 12 00 00 09 06 00 40
b..a...........@
0050: 00 00 65 00 00 64 00 00 60 00 00 14 00 00 11 00
..e..d..`.......
0060: 00 08 00 00 06 04 00 80 00 00 03 02 00 80 f1 55
...............U
0070: ed 94 cd 3b d3 85 43 d6 c4 8c 56 74 a5 26 04 df
...;..C...Vt.&..
0080: 46 30 bf 2b 38 92 da 3e 1b fc e4 10 b0 64
F0.+8..>.....d
TLS trace: SSL_connect:SSLv2/v3 write client hello A
tls_read: want=7, got=7
0000: 15 03 01 00 02 02 28 ......(
TLS trace: SSL3 alert read:fatal:handshake failure
TLS trace: SSL_connect:error in SSLv2/v3 read server hello A
TLS: can't connect.
ldap_err2string
Warning: ldap_start_tls failed: Connect error (-11)
ldap_unbind
ldap_free_connection
ldap_send_unbind
ber_flush: 7 bytes to sd 6
0000: 30 05 02 01 02 42 00 0....B.
ldap_write: want=7, written=7
0000: 30 05 02 01 02 42 00 0....B.
ldap_free_connection: actually freed
Initializing session to ldap://bms-serve.bloomfield.k12.mo.us:389
ldap_create
ldap_url_parse_ext(ldap://bms-serve.bloomfield.k12.mo.us:389)
bind to bms-serve.bloomfield.k12.mo.us:389 as cn=replica,dc=bes-serve,bloomfield.k12.mo.us (simple)
ldap_simple_bind_s
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection
ldap_int_open_connection
ldap_connect_to_host: TCP bms-serve.bloomfield.k12.mo.us:389
ldap_new_socket: 6
ldap_prepare_socket: 6
ldap_connect_to_host: Trying 10.0.0.6:389
ldap_connect_timeout: fd: 6 tm: -1 async: 0
ldap_ndelay_on: 6
ldap_is_sock_ready: 6
ldap_ndelay_off: 6
ldap_open_defconn: successful
ldap_send_server_request
ber_flush: 66 bytes to sd 6
0000: 30 40 02 01 01 60 3b 02 01 03 04 2c 63 6e 3d 72
0@...`;....,cn=r
0010: 65 70 6c 69 63 61 2c 64 63 3d 62 65 73 2d 73 65
eplica,dc=bes-se
0020: 72 76 65 2c 62 6c 6f 6f 6d 66 69 65 6c 64 2e 6b
rve,bloomfield.k
0030: 31 32 2e 6d 6f 2e 75 73 80 08 27 73 65 63 72 65
12.mo.us..'secre
0040: 74 27 t'
ldap_write: want=66, written=66
0000: 30 40 02 01 01 60 3b 02 01 03 04 2c 63 6e 3d 72
0@...`;....,cn=r
0010: 65 70 6c 69 63 61 2c 64 63 3d 62 65 73 2d 73 65
eplica,dc=bes-se
0020: 72 76 65 2c 62 6c 6f 6f 6d 66 69 65 6c 64 2e 6b
rve,bloomfield.k
0030: 31 32 2e 6d 6f 2e 75 73 80 08 27 73 65 63 72 65
12.mo.us..'secre
0040: 74 27 t'
ldap_result msgid 1
ldap_chkResponseList for msgid=1, all=1
ldap_chkResponseList returns NULL
wait4msg (infinite timeout), msgid 1
wait4msg continue, msgid 1, all 1
** Connections:
* host: bms-serve.bloomfield.k12.mo.us port: 389 (default)
refcnt: 2 status: Connected
last used: Wed Jun 29 12:06:38 2005
** Outstanding Requests:
* msgid 1, origid 1, status InProgress
outstanding referrals 0, parent count 0
** Response Queue:
Empty
ldap_chkResponseList for msgid=1, all=1
ldap_chkResponseList returns NULL
ldap_int_select
read1msg: msgid 1, all 1
ber_get_next
ldap_read: want=8, got=8
0000: 30 16 02 01 01 61 11 0a 0....a..
ldap_read: want=16, got=16
0000: 01 22 04 00 04 0a 69 6e 76 61 6c 69 64 20 44 4e
."....invalid DN
ber_get_next: tag 0x30 len 22 contents:
ber_dump: buf=0x552ac22970 ptr=0x552ac22970 end=0x552ac22986 len=22
0000: 02 01 01 61 11 0a 01 22 04 00 04 0a 69 6e 76 61
...a..."....inva
0010: 6c 69 64 20 44 4e lid DN
ldap_read: message type bind msgid 1, original id 1
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x552ac22970 ptr=0x552ac22973 end=0x552ac22986 len=19
0000: 61 11 0a 01 22 04 00 04 0a 69 6e 76 61 6c 69 64
a..."....invalid
0010: 20 44 4e DN
read1msg: 0 new referrals
read1msg: mark request completed, id = 1
request 1 done
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_free_connection
ldap_free_connection: refcnt 1
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x552ac22970 ptr=0x552ac22973 end=0x552ac22986 len=19
0000: 61 11 0a 01 22 04 00 04 0a 69 6e 76 61 6c 69 64
a..."....invalid
0010: 20 44 4e DN
ber_scanf fmt (}) ber:
ber_dump: buf=0x552ac22970 ptr=0x552ac22986 end=0x552ac22986 len=0
ldap_msgfree
ldap_err2string
Error: ldap_simple_bind_s for bms-serve.bloomfield.k12.mo.us:389 failed:
Invalid DN syntax
ldap_unbind
ldap_free_connection
ldap_send_unbind
ber_flush: 7 bytes to sd 6
0000: 30 05 02 01 02 42 00 0....B.
ldap_write: want=7, written=7
0000: 30 05 02 01 02 42 00 0....B.
ldap_free_connection: actually freed
Here are my current config files.
*********SLAVE /ETC/OPENLDAP/LDAP.CONF*******************
HOST 10.0.0.4 10.0.0.6
BASE dc=bes-serve,dc=bloomfield.k12.mo.us
*********SLAVE /ETC/OPENLDAP/SLAPD.CONF****************
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
allow bind_v2
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
loglevel -1
database bdb
suffix "dc=bes-serve,dc=bloomfield.k12.mo.us"
rootdn "cn=Manager,dc=bes-serve,dc=bloomfield.k12.mo.us"
rootpw secret
updatedn "cn=replica,dc=bes-serve,dc=bloomfield.k12.mo.us"
updateref ldap://bes-serve.bloomfield.k12.mo.us
directory /var/lib/ldap
index objectClass eq
index cn eq,pres,sub
index sn eq,pres,sub
index uid eq,pres,sub
index displayName eq,pres,sub
index uidNumber eq
index gidNumber eq
index memberUid eq
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index default sub
access to *
by dn.exact="cn=replica,dc=bes-serve,dc=bloomfield.k12.mo.us" write
by * none break
access to attrs=userPassword
by self write
by * auth
access to * by self write
by * read
***********MASTER /ETC/OPENLDAP/LDAP.CONF**************
HOST 127.0.0.1 10.0.0.6
BASE dc=bes-serve,dc=bloomfield.k12.mo.us
**********MASTER /ETC/OPENLDAP/SLAPD.CONF**************
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
allow bind_v2
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
loglevel -1
database bdb
suffix "dc=bes-serve,dc=bloomfield.k12.mo.us"
rootdn "cn=Manager,dc=bes-serve,dc=bloomfield.k12.mo.us"
rootpw secret
directory /var/lib/ldap
index objectClass eq
index cn eq,pres,sub
index sn eq,pres,sub
index uid eq,pres,sub
index displayName eq,pres,sub
index uidNumber eq
index gidNumber eq
index memberUid eq
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index default sub
replogfile /var/lib/ldap/replog
replica uri=ldap://bms-serve.bloomfield.k12.mo.us:389
suffix="dc=bes-serve,dc=bloomfield.k12.mo.us"
binddn="cn=replica,dc=bes-serve,bloomfield.k12.mo.us"
bindmethod=simple
credentials='secret'
tls=yes
If anyone has any idea of what I should change or look at, I would
really appreciate the help. I am stuck here. It looks like it is
having trouble connecting so I must have something set wrong in my
config files. I know it is nothing to do with iptables blocking a port,
since I have them turned off.
--
Scott Mayo
Technology Coordinator
Bloomfield Schools
PH: 573-568-5669
FA: 573-568-4565
Pager: 800-264-2535 X2549
Duct tape is like the force, it has a light side and a dark side and it
holds the universe together.
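
Added example, not part of the original thread or of OpenLDAP: a small audit of the master's replica directive against the slave's updatedn, covering the binddn syntax, the quoted credentials and the TLS setting that the trace above turns on. The function names are hypothetical, the DN check is a simplified RFC 4514 type=value test (under which "-" and "." in a dc value are accepted), and tls=critical is assumed from slapd.conf(5) of this OpenLDAP generation as the setting that makes StartTLS mandatory.

```python
import re

# Master's replica directive and slave's updatedn, copied from the configs posted in the thread.
MASTER_REPLICA = """replica uri=ldap://bms-serve.bloomfield.k12.mo.us:389
  suffix="dc=bes-serve,dc=bloomfield.k12.mo.us"
  binddn="cn=replica,dc=bes-serve,bloomfield.k12.mo.us"
  bindmethod=simple credentials='secret' tls=yes"""
SLAVE_UPDATEDN = "cn=replica,dc=bes-serve,dc=bloomfield.k12.mo.us"
# RFC 4514 attribute type: a descriptor (letter, then letters/digits/hyphens) or a dotted OID.
ATTR_TYPE = re.compile(r"[A-Za-z][A-Za-z0-9-]*|\d+(\.\d+)*")

def split_unescaped(s, sep):
    """Split s on sep, keeping backslash-escaped characters literal."""
    parts, cur, i = [], "", 0
    while i < len(s):
        step = 2 if s[i] == "\\" else 1          # keep an escape pair together
        if step == 1 and s[i] == sep:
            parts.append(cur)
            cur = ""
        else:
            cur += s[i:i + step]
        i += step
    return parts + [cur]

def bad_components(dn):
    """Return the parts of dn that are not of the form type=value."""
    bad = []
    for rdn in split_unescaped(dn, ","):
        for ava in split_unescaped(rdn, "+"):
            typ, eq, val = ava.strip().partition("=")
            if not (eq and val and ATTR_TYPE.fullmatch(typ.strip())):
                bad.append(ava.strip())
    return bad

def audit_replica(replica, updatedn):
    """Check a slurpd replica directive against the slave's updatedn; return findings."""
    opts = dict(re.findall(r'(\w+)=("[^"]*"|\S+)', replica))
    binddn = opts.get("binddn", "").strip('"')
    findings = [f"binddn component {c!r} is not type=value" for c in bad_components(binddn)]
    if binddn.lower() != updatedn.lower():       # simplified comparison, not full DN matching
        findings.append("binddn does not match the slave's updatedn")
    if re.fullmatch(r"'.*'", opts.get("credentials", "")):   # the bind request in the trace carries 'secret' with quotes
        findings.append("credentials keeps its single quotes; they are sent as part of the password")
    if opts.get("bindmethod") == "simple" and opts.get("tls") != "critical":
        findings.append("simple bind without tls=critical: password can cross the wire unencrypted")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_replica(MASTER_REPLICA, SLAVE_UPDATEDN)))
```

Run against the posted configuration it reports all four conditions; the first is the one the slave answers with "Invalid DN syntax", and the last corresponds to the simple bind that the trace shows being sent on port 389 after the StartTLS warning.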