I think there is no problem with master server search is good with cn=sync and as anonymous:On Thursday 06 March 2008 16:44:21 Julien Garnier wrote:
I just reinstall all my slave server and resynchronize all the database and it's the same : It's OK when I search the master server but doesn't work for the slave server.
What I've done is : reinstall linux install openldap from aptitude (slapd 2.3.30 (Mar 9 2007 05:43:02)) copy paste my config file to /etc/ldap/slapd.conf starting server
and nothing else.
search on base doesn't retrn any results :
Does cn=sync-dr13,ou=people,dc=compagnie,dc=com have unlimited (size/time) access to your provider? Have you tested manually (e.g. with 'ldapsearch -x -H ldap://master:389 -b ou=People,dc=compagnie,dc=com -D cn=sync-dr13,ou=people,dc=compagnie,dc=com -w secret "(cnrsDelegation=DR13*)"') that you can receive all the entries? Or, have you confirmed from the logs on the consumer that the provider search did not return a result=4?
dn: ou=People,dc=compagnie,dc=com structuralObjectClass: organizationalUnit entryUUID: 187a2858-af67-102b-9acf-e50839f4c3d0 creatorsName: cn=ldapmaster,ou=People,dc=compagnie,dc=com modifiersName: cn=ldapmaster,ou=People,dc=compagnie,dc=com createTimestamp: 20070615083520Z modifyTimestamp: 20070615083520Z entryCSN: 20070615083520Z#000001#00#000000 contextCSN: 20080307004124Z#000000#00#000000 entryDN: ou=People,dc=compagnie,dc=com subschemaSubentry: cn=Subschema hasSubordinates: TRUE
If your consumer's binddn can't retrieve all the entries, the initial sync will keep failing, thus the contextCSN will not be added on the consumer
Regards,
Buchan
Thanks Julien
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature