[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
could not config n-way multi-master because insufficient access
- To: openldap-technical@openldap.org
- Subject: could not config n-way multi-master because insufficient access
- From: owen nirvana <freeespeech@gmail.com>
- Date: Mon, 7 Jun 2010 14:10:00 +0800
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:mime-version:received:from:date :message-id:subject:to:content-type; bh=jR2F97sEK1un5v9aIsfONSpFVqkN3HX/6d6aN7wV+9Q=; b=xuSBLCXsCPANwTh/UJ12F9jpK6yw/7UwyYbf/Tzhak8kn+tJkLHLdmngVBcxBp3jfa AC2jf0Sm/qdH7miJaEbLGY/l/ZDFvs7LWdZ4Xx1l2i24PNXbYT/PVTiepg2HDBnGEovg J5jSCppSpnhEmSCj5a/xWGegIvPz3mmV3ijSM=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:from:date:message-id:subject:to:content-type; b=LqeXIW14Ui5hEHaIEkNpV+uxP22XtkOMWZSX9+Eya/d3M0s2ZRCOcwq6mGt7WRpBP/ v8isy4uMeK9t6jKB1ocRYWrrUNpS/u8rrTLydyAY2smEla8S9xnKIGAzNJa5m3gCCeCz P3A6wI9m1bWwKMO3J7rlDU+M2Te9fTcKITSdk=
my env is Debian squeeze, OpenLDAP 2.4.17( from packages.debian.org)
I create an OpenLDAP Server, and try to config N-Wat multi-master, according to OpenLDAP Admin Guide.
i adding init.ldif file on the server , the following is the content
dn: cn=config
objectClass: olcGlobal
cn: config
olcServerID: 1
dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcRootPW: secret
and I get error --- "insufficient access" , even if I set "acess to * by * write" in slapd.conf
actually, I don't understand what the guide said.
'''''''''''''
This sets up the config database:
dn: cn=config
objectClass: olcGlobal
cn: config
olcServerID: 1
dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcRootPW: secret
''''''''''''''''''''''''''''
the above configuration block could not be import in my computer, it is said at the begin.
''''''''''''''''''''''''''''
Now we setup the first Master Node (replace $URI1, $URI2 and $URI3
etc. with your actual ldap urls):
dn: cn=config
changetype: modify
replace: olcServerID
olcServerID: 1 $URI1
olcServerID: 2 $URI2
olcServerID: 3 $URI3
dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov
dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcSyncRepl
olcSyncRepl: rid=001 provider=$URI1 binddn="cn=config" bindmethod=simple
credentials=secret searchbase="cn=config" type=refreshAndPersist
retry="5 5 300 5" timeout=1
olcSyncRepl: rid=002 provider=$URI2 binddn="cn=config" bindmethod=simple
credentials=secret searchbase="cn=config" type=refreshAndPersist
retry="5 5 300 5" timeout=1
olcSyncRepl: rid=003 provider=$URI3 binddn="cn=config" bindmethod=simple
credentials=secret searchbase="cn=config" type=refreshAndPersist
retry="5 5 300 5" timeout=1
-
add: olcMirrorMode
olcMirrorMode: TRUE
''''''''''''''''''''''''''''
the configuration block seems conflict with the former, why should I write "olcServerID: 1 $URI1" into LDAP Server if "olcServerID: 1" is right, and why should I not write an entire configuration, but two configuration file which seems conflict separately.
I have set up an unlimit previledge, why LDAP Server report "insufficient access". what previledge should be set.
thanks for help
gtalk:freeespeech@gmail.com