[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slurpd: skip repl record for



So more information about my problem:
if I change:
replica uri=ldaps://192.168.247.130:389/
to 
replica uri=ldap://192.168.247.130:389/
THEN I get a slightly different replication log created by Slurpd.  However, 
when I examine that file, it is missing:
replica:  192.168.247.130:389

If I kill slurpd, edit the log to include the 'replica' line, and then restart 
slurpd, then it forms the connection and attempts to forward the ldif.

So it looks like I facing two problems:
1.  slurpd doesn't work right with SSL
2.  slurpd doesn't create the right log format for it to use for replication.

Am I missing something in my SSL config?

Any ideas on a bug fix for #2?

rpmquery --all | egrep openldap
openldap2-client-2.3.19-18.6
openldap2-2.3.19-18.7


On Thursday 11 January 2007 21:10, matthew sporleder wrote:
> On 1/11/07, Jeremy M. Guthrie <jeremy.guthrie@berbee.com> wrote:
> > I am running into an issue trying to do LDAP replication.  I am trying to
> > get slurp to replicate data but it keeps complaining that none of the
> > data is 'mine'.
> >
> > I also never see slurpd make a TCP connection to the 192.168.247.130
> > peer.
> >
> > slapd.conf
> > include         /etc/openldap/schema/core.schema
> > include         /etc/openldap/schema/cosine.schema
> > include         /etc/openldap/schema/inetorgperson.schema
> > include         /etc/openldap/schema/rfc2307bis.schema
> > include         /etc/openldap/schema/yast.schema
> > pidfile         /var/run/slapd/slapd.pid
> > argsfile        /var/run/slapd/slapd.args
> > modulepath      /usr/lib/openldap/modules
> > access to dn.base=""
> >         by * read
> > access to dn.base="cn=Subschema"
> >         by * read
> > access to attrs=userPassword,userPKCS12
> >         by self write
> >         by * auth
> > access to attrs=shadowLastChange
> >         by self write
> >         by * read
> > access to *
> >         by * read
> > loglevel 0
> >
> > replogfile /var/lib/ldap/replog/ldap.binc-groups.replog
> >
> >
> > TLSCertificateFile /etc/openldap/servercert.pem
> > TLSCertificateKeyFile /etc/openldap/serverkey.pem
> > database bdb
> > suffix "dc=remote,dc=binc,dc=net"
> > rootdn "XXXXXXXXXXXXXXXXXXXXXXXX"
> > rootpw XXXXXXXXXXXXX
> > directory /var/lib/ldap/dc=remote_dc=binc_dc=net
> > checkpoint 1024 5
> > cachesize 10000
> > index objectClass,uidNumber,gidNumber eq
> > index member,mail eq,pres
> > index cn,displayname,uid,sn,givenname sub,eq,pres
> > replica host=192.168.247.130
> >        binddn="XXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
> >        bindmethod=simple
> >        credentials=XXXXXXXXXXXXX
> >
> >
> > Slurpd Logs:
> > Replica 192.168.247.130:389, skip repl record for
> > uid=tester,ou=people,dc=remote,dc=binc,dc=net (not mine)
> > Replica 192.168.247.130:389, skip repl record for
> > cn=testing,ou=group,dc=remote,dc=binc,dc=net (not mine)
> > Replica 192.168.247.130:389, skip repl record for
> > cn=groupconfiguration,ou=ldapconfig,dc=remote,dc=binc,dc=net (not mine)
> > Replica 192.168.247.130:389, skip repl record for
> > uid=jguthries,ou=binc,ou=people,dc=remote,dc=binc,dc=net (not mine)
> > Replica 192.168.247.130:389, skip repl record for
> > uid=test22,ou=binc,ou=people,dc=remote,dc=binc,dc=net (not mine)
> > Replica 192.168.247.130:389, skip repl record for
> > uid=howdy,ou=binc,ou=people,dc=remote,dc=binc,dc=net (not mine)
> > Replica 192.168.247.130:389, skip repl record for
> > uid=sasser,ou=binc,ou=people,dc=remote,dc=binc,dc=net (not mine)
> >
> > --
>
> I've never seen that error, but I'm pretty sure your replogfile needs
> to go into your database section.  (that makes the error seem logicall
> to me, anyway)
>
> See:
> http://www.openldap.org/faq/data/cache/371.html
>
> _Matt

-- 

--------------------------------------------------
Jeremy M. Guthrie        jeremy.guthrie@berbee.com
Senior Network Engineer        Phone: 608-298-1061
Berbee - A CDW Company           Fax: 608-288-3007
5520 Research Park Drive         NOC: 608-298-1102
Madison, WI 53711

Attachment: pgpaqynwe1S4c.pgp
Description: PGP signature