I’m an admitted ldap lightweight but have been able to
bring up an ldap server and populate it with the contents of my /etc/passwd
file. Now I want to set up a replica on another machine using sync
replication and am having a few issues getting it to work. My most recent
success was getting simple authentication working because before it was failing
and now it’s not so I’ve at least gotten that far.
Here’s what my replication section looks like in ldap.conf:

    syncrepl rid=123
            provider=ldap://10.99.99.99:389
            type=refreshOnly
            interval=01:00:00:00
            searchbase="dc=myldap,dc=com"
            filter="(objectClass=account)"
            scope=sub
            schemachecking=off
            updatedn="cn=replica,dc=myldap,dc=com"
            bindmethod=simple
            binddn="uid=lsfadmin,ou=People,dc=myldap,dc=com"
            credentials=Something

I’m pretty sure I have the search parameters set
correctly because if I run:

    ldapsearch -x -h 10.99.99.99 -b 'dc=myldap,dc=com' -A uid

it dumps all my uids. The part I’m unclear on is how to define things on
the slave side. For example I have the main part of the conf set the same
on the master, just to make things easy on me and so I have the following which
is exactly how I have the master set up.

    database        bdb
    suffix          "dc=myldap,dc=com"
    rootdn          "cn=Manager,dc=myldap,dc=com"
    rootpw          {SSHA}ZmTfiKLVf8X5GERsT3b3AoB3/hFV3l7R
    directory       /var/lib/ldap

I’m guessing my problem may be with
updatedn="cn=replica,dc=myldap,dc=com", but I’m not sure what
it should be and whether or not I have to prime the replica with any special
authentication to be able to write to it. If I run “ldapsearch -x -b 'dc=myldap,dc=com'”
against the replica it comes up empty so I’m sure nothing is getting
replicated. Further if I run the slave slapd with -d128 I get:

    [root@hpdc3dmgt1 ~]# slapd -d 128
    @(#) $OpenLDAP: slapd 2.3.43 (Nov 6 2008 02:53:24) $
            brewbuilder@hs20-bc1-5.build.redhat.com:/builddir/build/BUILD/openldap-2.3.43/openldap-2.3.43/build-servers/servers/slapd
    slapd starting
    request done: ld 0x2ac52b507c70 msgid 1
    => bdb_entry_get: cannot find entry: "dc=myldap,dc=com"
    do_syncrep2: rid 123got search entry without control
    do_syncrepl: rid 123 quitting

but I have no idea where it’s looking for the entry,
on the master or the slave? But I do have that entry on the master.

I’m sure I’m doing something wrong but am also
hoping it’s relatively minor.

-mark