[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
replication problem: "shadow context; no update referral"
- To: openldap-software@openldap.org
- Subject: replication problem: "shadow context; no update referral"
- From: Emmanuel Dreyfus <manu@netbsd.org>
- Date: Tue, 27 Feb 2007 10:13:07 +0000
- Content-disposition: inline
- User-agent: Mutt/1.4.2.2i
Hello
I try to use replication with slurpd, using TLS to secure access to the
replicas.
1) On the master, slapd.conf contains this:
database bdb
suffix "dc=example,dc=net"
directory /var/openldap/openldap-data
replogfile /var/log/ldap/ldap.replog
replica uri=ldaps://ldap1.example.net bindmethod=sasl saslmech=EXTERNAL
I have a slurpd pseudo-user, with a .ldaprc file:
SASL_MECH EXTERNAL
TLS_CACERT /etc/openssl/certs/ca.crt
TLS_KEY /usr/pkg/etc/openldap/slurpd/etc/openssl/slurpd.key
TLS_CERT /usr/pkg/etc/openldap/slurpd/etc/openssl/slurpd.crt
2) On the slave, slapd.conf contains:
suffix "dc=example,dc=net"
directory /var/openldap/openldap-data
updatedn "email=...,cn=slurpd,ou=....,o=...,st=...,c=..."
updateref ldap://ldap0.example.net
access to *
by dn.exact="email=...,cn=slurpd,ou=....,o=...,st=...,c=..."
by * none
updatedn is the information I have in slurpd's certificate.
When I update the master, slrupd sees the modification and attempt to
propagate it to the salve, but it fails:
Error: ldap_modify_s failed modifying DN "cn=foo,dc=example,dc=net": shadow context; no update referral
On the slave, the error is:
conn=19 op=7 RESULT tag=103 err=10 text=
I found in <ldap.h> that this err=1à is
#define LDAP_REFERRAL 0x0a /* LDAPv3 */
But it does not helps me fixing the problem.
What is wrong?
--
Emmanuel Dreyfus
manu@netbsd.org