Hi,
I tried to do a Multimaster Replication the replication works quite nice, but
since I activated it I can't edit my ldap directory. When ever I try to I
get "server is unwilling to perform". It seems as I'm not authenticated, but
I am. I use openldap 2.4.7 in debian testing.
Here is the logfile:
daemon: read active on 17
connection_get(17)
connection_get(17): got connid=3
connection_read(17): checking for input on id=3
conn=3 op=0 do_bind
>>> dnPrettyNormal: <cn=admin,dc=bar,dc=de>
<<< dnPrettyNormal: <cn=admin,dc=bar,dc=de>, <cn=admin,dc=bar,dc=de>
conn=3 op=0 BIND dn="cn=admin,dc=bar,dc=de" method=128
do_bind: version=3 dn="cn=admin,dc=bar,dc=de" method=128
==> bdb_bind: dn: cn=admin,dc=bar,dc=de
conn=3 op=0 BIND dn="cn=admin,dc=bar,dc=de" mech=SIMPLE ssf=0
do_bind: v3 bind: "cn=admin,dc=bar,dc=de" to "cn=admin,dc=bar,dc=de"
send_ldap_result: conn=3 op=0 p=3
send_ldap_result: err=0 matched="" text=""
send_ldap_response: msgid=1 tag=97 err=0
conn=3 op=0 RESULT tag=97 err=0 text=
daemon: epoll: listen=8 active_threads=0 tvp=zero
daemon: epoll: listen=9 active_threads=0 tvp=zero
daemon: activity on 1 descriptor
daemon: activity on:
17r
daemon: read active on 17
connection_get(17)
connection_get(17): got connid=3
connection_read(17): checking for input on id=3
conn=3 op=1 do_add
conn=3 op=1 do_add: dn (ou=foo,dc=bar,dc=de)
>>> dnPrettyNormal: <ou=foo,dc=bar,dc=de>
<<< dnPrettyNormal: <ou=foo,dc=bar,dc=de>, <ou=foo,dc=bar,dc=de>
conn=3 op=1 ADD dn="ou=foo,dc=bar,dc=de"
bdb_dn2entry("ou=foo,dc=bar,dc=de")
=> bdb_dn2id("ou=foo,dc=bar,dc=de")
<= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found
(-30990)
bdb_referrals: tag=106 target="ou=foo,dc=bar,dc=de" matched="dc=bar,dc=de"
send_ldap_result: conn=3 op=1 p=3
send_ldap_result: err=53 matched="" text="shadow context; no update referral"
send_ldap_response: msgid=2 tag=105 err=53
conn=3 op=1 RESULT tag=105 err=53 text=shadow context; no update referral
daemon: epoll: listen=8 active_threads=0 tvp=zero
daemon: epoll: listen=9 active_threads=0 tvp=zero
daemon: activity on 1 descriptor
Config for Host 1 and 2 are equal:
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/sudo.schema
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
loglevel any
modulepath /usr/lib/ldap
moduleload back_bdb
moduleload syncprov.la
moduleload accesslog.la
sizelimit 500
tool-threads 1
backend bdbdatabase bdb
suffix "dc=bar,dc=de"
rootdn "cn=admin,dc=bar,dc=de"
rootpw "f00b4r"
directory "/var/lib/ldap"
dbconfig set_cachesize 0 2097152 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500
index objectclass,entryCSN,entryUUID eq
lastmod on
checkpoint 512 30access to attrs=userPassword,shadowLastChange
by dn="cn=admin,dc=bar,dc=de" write
by anonymous auth
by self write
by * none
access to dn.base="" by * read
access to *
by dn="cn=admin,dc=bar,dc=de" write
by * read
syncrepl rid=000
provider=ldap://legs.bar.de
type=refreshAndPersist
retry="5 5 300 +"
searchbase="dc= bar,dc=de"
attrs=*
schemachecking=on
bindmethod=simple
binddn="cn=admin,dc=bar,dc=de"
credentials="f00b4r"
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100