Re: setting rootpw for cn=monitor

[Quanah Gibson-Mount <quanah@zimbra.com>]

--On Tuesday, January 08, 2013 4:34 PM +0000 Chris Card 
<ctcard@hotmail.com> wrote:

> Hi all,
>
> I'm seeing an issue with setting the rootpw for the cn=monitor database
> and syncrepl replication (multi-master syncrepl).
>
> I am seeing this problem with openldap 2.4.31 at the moment, but I intend
> to upgrade to 2.4.34 when that becomes available.
>
> When I just have one LDAP server (ldap1 say), I can set the olcrootdn to
> cn=monitor and set the olcrootpw without any error, so I have something
> like:
>
> Â Âdn: olcDatabase={2}monitor,cn=config
> Â ÂobjectClass: olcDatabaseConfig
> Â ÂolcDatabase: {2}monitor
> Â ÂolcAddContentAcl: FALSE
> Â ÂolcLastMod: TRUE
> Â ÂolcMaxDerefDepth: 15
> Â ÂolcReadOnly: FALSE
> Â ÂolcSyncUseSubentry: FALSE
> Â ÂolcMonitoring: FALSE
> Â ÂolcRootPW: {SSHA}**************
> Â ÂolcRootDN: cn=monitor
>
> When I create another LDAP server (ldap2 say) and set up multi-master
> syncrepl replication for cn=config between ldap1 and ldap2 I see an error
> in the slapd log on ldap2 like:Â
>
> Â ÂÂolcRootPW: value #0: <olcRootPW> can only be set when rootdn is
> under suffix
>
> No olcSuffix is set for the cn=monitor database in the cn=config, but all
> the cn=monitor DNs are of the form cn=X,cn=Y,...,cn=monitor, so it seems
> that the suffix of the cn=monitor database is effectively cn=monitor.
>
> Any ideas?

I suggest you file an ITS if you can reproduce this with current RE24.

--Quanah


--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration