I have set up a slave ldap server for syncrepl and seem to be unable to get it to repicate. There is nothing logged on the slave at all. ACL logging on the master shows the slave connecting and seeming to get access - see below.
On the MAIN SERVER I HAVE
access to attrs=userPassword,shadowLastChange
by self =xw
by anonymous auth
by dn="cn=sync,dc=my company,dc=com" read
by * none
access to *
by self write
by dn="cn=sync,dc=my company,dc=com" read
by users read
by * read
# Replication stuff
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 200
ON THE SLAVE I HAVE
access to *
by self write
by dn="cn=sync,dc=my company,dc=com" write
by users read
by anonymous auth
loglevel sync config acl
logfile /tmp/ldaptmp
syncrepl rid=123
type=refreshOnly
interval=01:00:00:00
searchbase="dc=my company,dc=com"
filter="(objectClass=*)"
scope=sub
attrs="*,+"
schemachecking=off
retry="60 10 300 3"
logbase="cn=accesslog"
syncdata=accesslog
bindmethod=simple
binddn="cn=sync,dc=my company,dc=com"
credentials="password"
AUTH OUTPUT FROM THE MASTER
Nov 26 10:48:04 envy slapd[19774]: => acl_mask: to value by "", (=0)
Nov 26 10:48:04 envy slapd[19774]: <= check a_dn_pat: self
Nov 26 10:48:04 envy slapd[19774]: <= check a_dn_pat: cn=sync,dc=imagreendriver,dc=com
Nov 26 10:48:04 envy slapd[19774]: <= check a_dn_pat: users
Nov 26 10:48:04 envy slapd[19774]: <= check a_dn_pat: *
Nov 26 10:48:04 envy slapd[19774]: <= acl_mask: [4] applying read(=rscxd) (stop)
Nov 26 10:48:04 envy slapd[19774]: <= acl_mask: [4] mask: read(=rscxd)
Nov 26 10:48:04 envy slapd[19774]: => slap_access_allowed: read access granted by read(=rscxd)
ldapsearch -H ldaps:/// -x -b 'dc=my company,dc=com' '(objectclass=*)' -s sub
# extended LDIF
#
# LDAPv3
# base <dc=my company,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 2
result: 32 No such object
# numResponses: 1