Hi everyone,
I'm a newbie at OpenLDAP; just 3 weeks into installing my first LDAP master server and now trying to set up a replica server. I've followed these instructions, http://www.openldap.org/doc/admin23/replication.html, but whenever I execute "/usr/lib/openldap/slurpd -d 3 -t /var/lib/slurpd" on the master server for debugging, the following error message appears:
Error: ldap_simple_bind_s for flcsdev1-1.comm.mot.com:389 failed: Invalid credentials
It's probably a simple configuration issue, but I'm not sure. Do you see anything out of place? Here are my slapd configuration files:
###############################
# Master (flcsdev1-2) - slapd.conf
###############################
...
access to *
        by dn="cn=Manager,dc=ace,dc=mot,dc=com" write
        by * read

#######################################################################
# BDB database definitions
#######################################################################
loglevel 768
database bdb
checkpoint 1024 5
cachesize 10000
suffix "dc=ace,dc=mot,dc=com"
rootdn "cn=Manager,dc=ace,dc=mot,dc=com"
rootpw {SSHA}G7ZqsHqlROcDMX1tuV/mUZ6XuVNBAlt6
lastmod on

# Replication log file to which slapd will log changes
replogfile /var/log/slapd.replog

# Replication sites for this database
replica uri=ldap://flcsdev1-1.comm.mot.com:389
        binddn="uid=Replica,ou=People,dc=ace,dc=mot,dc=com"
        bindmethod=simple credentials={SSHA}fLayPK23k5YEDV5skWHw/51RH7x1YWTV
        tls=yes
A Replica userid was created in the database:
flcsdev1-2:/ # ldapsearch -x -W -D "uid=Replica,ou=People,dc=ace,dc=mot,dc=com" -h flcsdev1-2.comm.mot.com "uid=Replica"
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <> with scope sub
# filter: uid=Replica
# requesting: ALL
#

# Replica, People, ace.mot.com
dn: uid=Replica,ou=People,dc=ace,dc=mot,dc=com
uid: Replica
cn: Replica
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e1NTSEF9ZkxheVBLMjNrNVlFRFY1c2tXSHcvNTFSSDd4MVlXVFY=
shadowLastChange: 13761
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 22222
gidNumber: 100
homeDirectory: /tmp
gecos: Replica userid for slave LDAP servers

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
flcsdev1-2:/ #
###############################
# Replica (flcsdev1-1) - slapd.conf
###############################
...
access to *
        by dn="cn=Manager,dc=ace,dc=mot,dc=com" write
        by dn="uid=Replica,ou=People,dc=ace,dc=mot,dc=com" write
        by * read

#######################################################################
# BDB database definitions
#######################################################################
loglevel 768
database bdb
checkpoint 1024 5
cachesize 10000
suffix "dc=ace,dc=mot,dc=com"
rootdn "uid=Replica,ou=People,dc=ace,dc=mot,dc=com"
rootpw {SSHA}fLayPK23k5YEDV5skWHw/51RH7x1YWTV
lastmod on

# Specify the DN allowed to make changes to the replica
updatedn "uid=Replica,ou=People,dc=ace,dc=mot,dc=com"

# Master LDAP's URL
updateref ldap://flcsdev1-2.comm.mot.com:389 ldap://flcsdev1-2.comm.mot.com:389
Any advice and feedback is very much appreciated. If more information is required, please let me know.
Thank you very much,
Barbara
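
An added example, not part of the original post and not OpenLDAP's own code: a small check for `replica` directives, based on the fact that with `bindmethod=simple` the `credentials=` string is sent as the bind password as-is, and the receiving server salts and hashes whatever it receives before comparing it with the stored `userPassword`. The host, DN, password and salt below are constructed sample values.

```python
import base64, hashlib, hmac, re, shlex

def make_ssha(password: bytes, salt: bytes) -> str:
    """Build an {SSHA} value: base64(SHA1(password + salt) + salt)."""
    return "{SSHA}" + base64.b64encode(hashlib.sha1(password + salt).digest() + salt).decode()

def check_ssha(submitted: bytes, stored: str) -> bool:
    """Server-side check on a simple bind: hash the submitted bytes with the stored salt."""
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]
    return hmac.compare_digest(hashlib.sha1(submitted + salt).digest(), digest)

def replica_directives(conf: str):
    """Yield key=value dicts for each 'replica' directive, joining continuation lines."""
    logical = []
    for line in conf.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and logical:      # leading whitespace continues the directive
            logical[-1] += " " + line.strip()
        else:
            logical.append(line.strip())
    for entry in logical:
        tokens = shlex.split(entry)
        if tokens[0].lower() == "replica":
            yield dict(t.split("=", 1) for t in tokens[1:] if "=" in t)

SCHEME = re.compile(r"^\{[A-Za-z0-9-]+\}")     # e.g. {SSHA}, {MD5}, {CRYPT}

def lint(conf: str) -> list:
    """Return URIs of simple-bind replicas whose credentials carry a {SCHEME} hash prefix."""
    return [rep.get("uri", "?") for rep in replica_directives(conf)
            if rep.get("bindmethod") == "simple" and SCHEME.match(rep.get("credentials", ""))]

# Constructed sample data: hypothetical host, DN, password and salt.
PASSWORD, SALT = b"constructed-pw", b"\x01\x02\x03\x04"
STORED = make_ssha(PASSWORD, SALT)
TEMPLATE = """# constructed slapd.conf fragment
replica uri=ldap://replica.example.com:389
        binddn="uid=Replica,ou=People,dc=example,dc=com"
        bindmethod=simple credentials={cred}
        tls=yes
"""
HASH_CONF = TEMPLATE.format(cred=STORED)
CLEAR_CONF = TEMPLATE.format(cred=PASSWORD.decode())

if __name__ == "__main__":
    print("bind with the password:   ", check_ssha(PASSWORD, STORED))
    print("bind with the hash string:", check_ssha(STORED.encode(), STORED))
    print("flagged replicas:", lint(HASH_CONF), lint(CLEAR_CONF))
```

Because a working `credentials=` value is the cleartext password, the slapd.conf that holds it should be readable only by the account that runs slapd and slurpd.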