Dear Aaron,

Thanks your testing method.

The ACL for both master and slave is:
access to *
   by * write

I tried to modify the master in slave by the "-h master", and it succeeded!
Command: ldapadd -x -f /group.ldif -D uid=myname,dc=mycompany,dc=com -w secret -h master.server

group.ldif is:
dn: ou=groups,dc=ufreight,dc=com
objectClass: organizationalUnit
ou: groups

It succeeded in adding group.ldif to master. After the master changes, the group.ldif also replicates to slave.

Then I delete the group.ldif, and tried to add it to slave:
Command: ldapadd -x -f /group.ldif -D uid=myname,dc=mycompany,dc=com -w secret
Result:
adding new entry "ou=groups,dc=mycompany,dc=com"
ldapadd: Referral (10)
        referrals:
                ldap://master.server:389/ou=groups,dc=mycompany,dc=com

Although slave reports that it refer the group.ldif to master, master received nothing about group.ldif. Neither master or slave add the group.ldif.

How to set up referral in slave? I only use following directive. Is this right?
updateref ldap://master:389

How can I trace the referral? Thank you.

Best regards,
Jacky

On Thu, Apr 24, 2008 at 1:02 AM, Aaron Richton <richton@nbcs.rutgers.edu> wrote:

Yes, that surprises me. Slave tells that it will refer the change to master,
but master does not receive any information. I use debug level -1, but
cannot find the change arrives in master.

I forget the exact arguments you used, but it's probably your job to follow the referral. i.e., you should be running
ldapmodify -H ldap://master/...

But certainly if you're not seeing the change at the master you can't be surprised that it's not at a slave!

--
John 3:16 For God so loved the world, that He gave His only begotten Son, that whoever believes in Him shall not perish, but have eternal life.
http://www.hkccc.org/flash2.htm