Hi List.
I have been trying to set up replication between two LDAP servers
running OpenSuSE10.2 and Openldap 2-2.3.27-25 but unfortunately I am not
having a lot of success :(
The master server is called ldap1. This is slapd.conf:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
loglevel -1
TLSCertificateFile /etc/openldap/servercert.pem
TLSCACertificateFile /etc/openldap/cacert.pem
TLSCertificateKeyFile /etc/openldap/serverkey.pem
database bdb
suffix "dc=mydomain,dc=com"
rootdn "cn=Administrator,dc=mydomain,dc=com"
rootpw "{ssha}mypassword"
directory /var/lib/ldap/
checkpoint 1024 5
cachesize 10000
index objectClass,uidNumber,gidNumber eq
index member,mail eq,pres
index cn,displayname,uid,sn,givenname sub,eq,pres
#Entries for replication
replica uri=ldap://192.168.2.246.1:389
    binddn="cn=replica,dc=mydomain,dc=com"
    bindmethod=simple
    credentials="{ssha}mypassword"
replogfile /var/lib/ldap/slurpd.replog
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
As you can see the loglevel is set to -1 as I have been trying to
troubleshoot this for the last two days...
The slave server is ldap2 and here is slapd.conf:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
loglevel -1
database bdb
suffix "dc=mydomain,dc=com"
rootdn "cn=replica,dc=mydomain,dc=com"
rootpw "{ssha}mypassword"
directory /var/lib/ldap/
checkpoint 1024 5
cachesize 10000
index objectClass,uidNumber,gidNumber eq
index member,mail eq,pres
index cn,displayname,uid,sn,givenname sub,eq,pres
#Entries for replication
updatedn="cn=replica,dc=mydomain,dc=com"
updateref=ldap://ldap1.mydomain.com
replogfile /var/lib/ldap/slurpd.replog
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
OK so slapd starts without error on both servers and slurpd on ldap1.
/var/lib/ldap/slurpd.replog is created successfully and there is also
another replog file created in /var/lib/slurpd/replica/slurpd.replog
which the man page tells me is a working directory to which slurpd
copies the replog before processing it.
Ok so now all seems normal up to here but this is where the trouble starts.
I update an entry in the database on ldap1 and the following is written
to /var/lib/slurpd/replica/slurpd.replog:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
replica: 192.168.2.246
time: 1194939780
dn: uid=user.three,ou=people,dc=mydomain,dc=com
changetype: modify
replace: sn
sn: Tres
-
replace: entryCSN
entryCSN: 20071113074300Z#000000#00#000000
-
replace: modifiersName
modifiersName: cn=Administrator,dc=mydomain,dc=com
-
replace: modifyTimestamp
modifyTimestamp: 20071113074300Z
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
but /var/lib/ldap/slurpd.replog remains empty and the updated entry is
not replicated to ldap2.
The permissions on /var/lib/ldap/slurpd.replog:
-rw-r--r-- 1 ldap ldap 0 2007-11-13 11:43 /var/lib/ldap/slurpd.replog
I don't see any other errors in /var/log/messages but there is a LOT of
output and most of it seems quite cryptic.
I am really at a loss here and would appreciate it if anybody can point
out a mistake in my configuration or any other glaringly obvious errors.
Thanks
Lawrence
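
Added example, not part of the original post: a small Python parser for the replog entry quoted above, useful for checking which replica a queued change targets, when it was logged, and which attributes it touches. It assumes entries are separated by blank lines, lines are not folded, and values are not base64-encoded; the function names are hypothetical.

```python
import datetime

# Constructed sample: the replog entry quoted in the post.
SAMPLE_REPLOG = """\
replica: 192.168.2.246
time: 1194939780
dn: uid=user.three,ou=people,dc=mydomain,dc=com
changetype: modify
replace: sn
sn: Tres
-
replace: entryCSN
entryCSN: 20071113074300Z#000000#00#000000
-
replace: modifiersName
modifiersName: cn=Administrator,dc=mydomain,dc=com
-
replace: modifyTimestamp
modifyTimestamp: 20071113074300Z
"""

def parse_replog(text):
    """Split a replog into blank-line separated entries and parse each one."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {"replicas": [], "time": None, "dn": None, "changetype": None, "mods": []}
        mod = None
        for line in block.splitlines():
            key, _, value = line.partition(": ")
            if line == "-":            # "-" closes one modification
                mod = None
            elif key == "replica":     # an entry may name several replicas
                entry["replicas"].append(value)
            elif key == "time":        # seconds since the epoch, UTC
                entry["time"] = datetime.datetime.fromtimestamp(int(value), datetime.timezone.utc)
            elif key in ("dn", "changetype"):
                entry[key] = value
            elif mod is None:          # e.g. "replace: sn" opens a modification
                mod = {"op": key, "attr": value, "values": []}
                entry["mods"].append(mod)
            else:                      # value line of the open modification
                mod["values"].append(value)
        entries.append(entry)
    return entries

def summarize(entries):
    """One line per entry: replica(s), UTC time, change type, DN, attributes."""
    return [f'{",".join(e["replicas"])} {e["time"]:%Y-%m-%dT%H:%M:%SZ} '
            f'{e["changetype"]} {e["dn"]} attrs={[m["attr"] for m in e["mods"]]}'
            for e in entries]
```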