ldapsync slapd Can't contact LDAP server

[Daniel Qian <daniel@up247solution.com>]

Hi,

I have a simple syncrepl setup that kind of works but every two hours 
there is a syncing problem from the log on the consumer side:

Jul 14 01:09:57 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't 
contact LDAP server
Jul 14 01:09:57 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 
retrying (29 retries left)
Jul 14 03:11:12 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't 
contact LDAP server
Jul 14 03:11:12 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 
retrying (29 retries left)
Jul 14 05:12:26 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't 
contact LDAP server
Jul 14 05:12:26 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 
retrying (29 retries left)
Jul 14 07:13:41 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't 
contact LDAP server
Jul 14 07:13:41 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 
retrying (29 retries left)
Jul 14 09:14:55 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't 
contact LDAP server
Jul 14 09:14:55 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 
retrying (29 retries left)
Jul 14 11:16:10 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't 
contact LDAP server
Jul 14 11:16:10 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 
retrying (29 retries left)
Jul 14 13:17:24 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't 
contact LDAP server
Jul 14 13:17:24 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 
retrying (29 retries left)
Jul 14 15:18:39 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't 
contact LDAP server
Jul 14 15:18:39 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 
retrying (29 retries left)
Jul 14 17:19:53 ldapsync slapd[1636]: do_syncrep2: rid=002 (-1) Can't 
contact LDAP server
Jul 14 17:19:53 ldapsync slapd[1636]: do_syncrepl: rid=002 rc -1 
retrying (29 retries left)

log from the provider looks better:

Jul 14 19:18:50 ldaprov1 slapd[8459]: conn=30513 fd=20 ACCEPT from 
IP=x.x.x.x:1093 (IP=0.0.0.0:389)
Jul 14 19:18:50 ldaprov1 slapd[8459]: conn=30513 op=0 BIND 
dn="cn=replica,dc=mydomain,dc=com" method=128
Jul 14 19:18:50 ldaprov1 slapd[8459]: conn=30513 op=0 BIND 
dn="cn=replica,dc=mydomain,dc=com" mech=SIMPLE ssf=0
Jul 14 19:18:50 ldaprov1 slapd[8459]: conn=30513 op=0 RESULT tag=97 
err=0 text=
Jul 14 19:18:50 ldaprov1 slapd[8459]: conn=30513 op=1 SRCH 
base="dc=mydomain,dc=com" scope=2 deref=0 filter="(objectClass=*)"
Jul 14 19:18:50 ldaprov1 slapd[8459]: conn=30513 op=1 SRCH attr=* +



Here is the configuration for the consumer:

dn: olcDatabase={1}bdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: {1}bdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=mydomain,dc=com
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=Manager,dc=mydomain,dc=com
olcSyncUseSubentry: FALSE
olcSyncrepl: {0}rid=002 provider="ldap://ldaprov1.prod:389/"; 
type=refreshAndPe
 rsist retry="60 30 300 +" searchbase="dc=mydomain,dc=com" bindmetho
 d=simple binddn="cn=replica,dc=mydomain,dc=com" credentials=mypasswor
 d
olcMonitoring: TRUE
olcDbCacheSize: 1000
olcDbCheckpoint: 1024 15
olcDbNoSync: FALSE
olcDbDirtyRead: FALSE
olcDbIDLcacheSize: 0
olcDbIndex: objectClass pres,eq
olcDbIndex: cn pres,eq,sub
olcDbIndex: uid pres,eq,sub
olcDbIndex: uidNumber pres,eq
olcDbIndex: gidNumber pres,eq
olcDbIndex: mail pres,eq,sub
olcDbIndex: ou pres,eq,sub
olcDbIndex: loginShell pres,eq
olcDbIndex: sn pres,eq,sub
olcDbIndex: givenName pres,eq,sub
olcDbIndex: memberUid pres,eq,sub
olcDbIndex: nisMapName pres,eq,sub
olcDbIndex: nisMapEntry pres,eq,sub
olcDbIndex: entryCSN eq
olcDbIndex: entryUUID eq
olcDbLinearIndex: FALSE
olcDbMode: 0600
olcDbSearchStack: 16
olcDbShmKey: 0
olcDbCacheFree: 1
olcDbDNcacheSize: 0

And from the consumer side everything looks good if I manual ldapsearch 
with the replica account "cn=replica,dc=mydomain,dc=com"

Can anyone shed some lights on how to troubleshoot this kind of problems?

Thanks,
Daniel