
Re: Can't start replication



Alister Forbes <a@cisco.com> writes:

> Hi Dieter,
>
> Here are the two ldifs I used to configure everything (the only difference is the order the olcServerID is placed in):
>
> First Master:
> dn: cn=config
> changetype: modify
> replace: olcServerID
> olcServerID: 10 ldap://10.211.55.8
> olcServerID: 20 ldap://10.211.55.11
>
> dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config
> changetype: add
> objectClass: olcOverlayConfig
> objectClass: olcSyncProvConfig
> olcOverlay: syncprov
>
> dn: olcDatabase={0}config,cn=config
> changetype: modify
> add: olcSyncRepl
> olcSyncRepl: rid=001 provider=ldap://10.211.55.8 binddn="cn=config" bindmethod=simple
>   credentials=$PASS searchbase="cn=config" type=refreshAndPersist
>   retry="5 5 300 5" timeout=1
> olcSyncRepl: rid=002 provider=ldap://10.211.55.11 binddn="cn=config" bindmethod=simple
>   credentials=$PASS searchbase="cn=config" type=refreshAndPersist
>   retry="5 5 300 5" timeout=1
> -
> add: olcMirrorMode
>   olcMirrorMode: TRUE
>
> Second Master:
> dn: cn=config
> changetype: modify
> replace: olcServerID
> olcServerID: 20 ldap://10.211.55.11
> olcServerID: 10 ldap://10.211.55.8
>
> dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config
> changetype: add
> objectClass: olcOverlayConfig
> objectClass: olcSyncProvConfig
> olcOverlay: syncprov
>
> dn: olcDatabase={0}config,cn=config
> changetype: modify
> add: olcSyncRepl
> olcSyncRepl: rid=001 provider=ldap://10.211.55.8 binddn="cn=config" bindmethod=simple
>   credentials=$PASS searchbase="cn=config" type=refreshAndPersist
>   retry="5 5 300 5" timeout=1
> olcSyncRepl: rid=002 provider=ldap://10.211.55.11 binddn="cn=config" bindmethod=simple
>   credentials=$PASS searchbase="cn=config" type=refreshAndPersist
>   retry="5 5 300 5" timeout=1
> -
> add: olcMirrorMode
>   olcMirrorMode: TRUE

OK, I don't see anything obvious.
>
> On 03 Sep 2010, at 15:55, Dieter Kluenter wrote:
>
>> Am Fri, 3 Sep 2010 14:25:51 +0200
>> schrieb Alister Forbes <a@cisco.com>:
>> 
>>> All,
>>> 
>>> My situation is that I'm trying to get replication working between
>>> two instances of openldap 2.4.23, both running on RHEL5, both built
>>> with the same options, and db built under them with the same options,
>>> and both OS instances are the same (cloned VMs)
>>> 
>>> I can see the two slapd's trying to communicate, but although the
>>> passwords supplied in 'credentials' are definitely correct, I keep
>>> seeing the err=49 in the logs below

How did you create the password and which hashing scheme did you use? 
It seems that the userpassword hashed value does not match the
presented value.

>>> 
>>> I've been struggling with this for days now.. can anyone give me a
>>> hint what I've messed up?
>>> 
>>> 
>>> Also, I'm not sure if it's related, but I now can't change anything
>>> in the servers configs directly, I keep getting -
>>> 
>>> ldap_modify: Server is unwilling to perform (53)
>>> 	additional info: shadow context; no update referral

Please check if olcReadOnly: is set to FALSE

[...]

-Dieter

-- 
Dieter Klünter | Systemberatung
sip: 7770535@sipgate.de 
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6
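
An added example, not part of the original thread: one way to check offline whether a stored userPassword/olcRootPW value matches the string given in `credentials=`, which is the question raised above for err=49. It assumes one of the hash schemes built into slapd ({SSHA}, {SHA}, {SMD5}, {MD5}) or a cleartext value; the function names and sample values are constructed for illustration.

```python
import base64
import hashlib
import hmac

# Digest algorithm and digest length for the schemes handled here.
SCHEMES = {"{SSHA}": ("sha1", 20), "{SHA}": ("sha1", 20),
           "{SMD5}": ("md5", 16), "{MD5}": ("md5", 16)}


def make_ssha(password: str, salt: bytes) -> str:
    """Build an {SSHA} value: base64(SHA1(password + salt) + salt)."""
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()


def check_password(stored: str, presented: str) -> bool:
    """Return True if `presented` matches the stored password value."""
    for prefix, (algo, dlen) in SCHEMES.items():
        if stored.upper().startswith(prefix):
            raw = base64.b64decode(stored[len(prefix):])
            digest, salt = raw[:dlen], raw[dlen:]  # salt is empty for {SHA}/{MD5}
            calc = hashlib.new(algo, presented.encode() + salt).digest()
            return hmac.compare_digest(digest, calc)
    if stored.startswith("{"):
        raise ValueError("scheme not handled by this example: " + stored.split("}")[0] + "}")
    # No scheme prefix: compare as a cleartext value.
    return hmac.compare_digest(stored.encode(), presented.encode())


def diagnose(stored: str, presented: str) -> str:
    """Classify a mismatch, trying common ways a value gets altered on the way in."""
    if check_password(stored, presented):
        return "match"
    if check_password(stored, presented + "\n"):
        return "stored hash includes a trailing newline"
    if check_password(stored, presented.strip()):
        return "presented value has surrounding whitespace"
    return "mismatch"


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    salt = b"\x01\x02\x03\x04"
    good = make_ssha("s3cret", salt)
    bad = make_ssha("s3cret\n", salt)  # e.g. hashed from a file ending in a newline
    for stored in (good, bad):
        print(stored, "->", diagnose(stored, "s3cret"))
```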