I'm trying to replace OpenLDAP 2.3.x with 2.4.18 (this project started before 2.4..19 came out). The old configuration uses slurpd, hence I have been tasked to set up a producer/consumer replication via syncrepl using the push model. I'm following the example from the admin guide but I have to modify the suffix/searchbase to be "" (as we allow pretty much anything in the DB).
Doing this causes these log messages (loglevel 0x4000):
on the master: do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - REFRESH_DELETE do_syncrep2: cookie=rid=001,sid=001,csn=20091014205621.868761Z#000000#001#000000 slap_queue_csn: queing 0x2aaaac001d90 20091014205621.868761Z#000000#001#000000 null_callback : error code 0x35 syncrepl_updateCookie: rid=001 be_modify failed (53)
on the consumer: slap_queue_csn: queing 0xd8e3a30 20091014205621.868761Z#000000#001#000000 slap_graduate_commit_csn: removing 0xd8e3b00 20091014205621.868761Z#000000#001#000000 conn=0 op=42 do_modify: root dse!
This seems to be a problem with ``searchbase=""'' (in ``syncrepl''). If it is changed to ``searchbase="dc=com"'' (and matching ``suffix "dc=com"'' for ``database ldap'') the error does not occur.
Is it possible to achieve what we want using some other options?
Relevant parts from master slapd.conf: ---------------------------------------- database monitor
database bdb directory /var/ldap/openldap-bdb suffix "" rootdn "cn=Manager" rootpw syncroni index entryCSN,entryUUID eq serverID 001 overlay syncprov
database ldap hidden on suffix "" rootdn "cn=slapd-ldap" uri ldap://CONSUMER.HOST/ lastmod on restrict all
acl-bind bindmethod=simple binddn="cn=Monitor" credentials=password
syncrepl rid=001 provider=ldap://localhost/ bindmethod=simple binddn="cn=Manager" credentials=syncroni scope=children searchbase="" filter="(objectClass=*)" type=refreshAndPersist retry="5 2 300 2" ----------------------------------------
relevant parts from consumer slapd.conf: ---------------------------------------- database monitor rootdn "cn=Monitor" rootpw password
database bdb directory /var/ldap/openldap-bdb suffix "" index entryUUID eq access to dn.subtree="" attrs=hasSubordinates by dn.exact="cn=Monitor" none by * read access to dn.subtree="" by dn.exact="cn=Monitor" write by * read updatedn "cn=Monitor" updateref ldap://MASTER.HOST/ ----------------------------------------