This problem has been fixed. The solution, for anyone in the future, who has this same issue, is to place clear text passwords in the master LDAP slapd.conf file within the replica credentials line. For example, if your password happens to be "sillyldap", the credential line in the replica area will look like this:
replica uri=ldap://flcsdev1-1.comm.mot.com:389 binddn="uid=Replica,ou=People,dc=ace,dc=mot,dc=com" bindmethod=simple credentials=sillyldap tls=yes
Regards, Barbara
________________________________
From: openldap-software-bounces+xjc864=motorola.com@openldap.org [mailto:openldap-software-bounces+xjc864=motorola.com@openldap.org] On Behalf Of Pantejo Barbara-XJC864 Sent: Saturday, September 15, 2007 10:44 PM To: openldap-software@openldap.org Subject: Error: ldap_simple_bind_s...failed: Invalid credentials
Hi everyone,
I'm a newbie at OpenLDAP; just 3 weeks into installing my first LDAP master server and now trying set up a replica server. I've followed these instructions, http://www.openldap.org/doc/admin23/replication.html, but whenever I execute "/usr/lib/openldap/slurpd -d 3 -t /var/lib/slurpd" on the master server for debugging, the following error message appears:
Error: ldap_simple_bind_s for flcsdev1-1.comm.mot.com:389 failed: Invalid credentials
It's probably a simple configuration issue, but not sure. Do you see anything out of place? Here are my slapd configuration files:
############################### # Master (flcsdev1-2) - slapd.conf ###############################
...
access to * by dn="cn=Manager,dc=ace,dc=mot,dc=com" write by * read ####################################################################### # BDB database definitions ####################################################################### loglevel 768 database bdb checkpoint 1024 5 cachesize 10000 suffix "dc=ace,dc=mot,dc=com" rootdn "cn=Manager,dc=ace,dc=mot,dc=com" rootpw {SSHA}G7ZqsHqlROcDMX1tuV/mUZ6XuVNBAlt6 lastmod on # Replication log file to which slapd will log changes replogfile /var/log/slapd.replog # Replication sites for this database replica uri=ldap://flcsdev1-1.comm.mot.com:389 binddn="uid=Replica,ou=People,dc=ace,dc=mot,dc=com" bindmethod=simple credentials={SSHA}fLayPK23k5YEDV5skWHw/51RH7x1YWTV tls=yes
A Replica userid was created in the database:
flcsdev1-2:/ # ldapsearch -x -W -D "uid=Replica,ou=People,dc=ace,dc=mot,dc=com" -h flcsdev1-2.comm.mot.com "uid=Replica" Enter LDAP Password: # extended LDIF # # LDAPv3 # base <> with scope sub # filter: uid=Replica # requesting: ALL # # Replica, People, ace.mot.com dn: uid=Replica,ou=People,dc=ace,dc=mot,dc=com uid: Replica cn: Replica objectClass: account objectClass: posixAccount objectClass: top objectClass: shadowAccount userPassword:: e1NTSEF9ZkxheVBLMjNrNVlFRFY1c2tXSHcvNTFSSDd4MVlXVFY= shadowLastChange: 13761 shadowMax: 99999 shadowWarning: 7 loginShell: /bin/bash uidNumber: 22222 gidNumber: 100 homeDirectory: /tmp gecos: Replica userid for slave LDAP servers # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 flcsdev1-2:/ #
############################### # Replica (flcsdev1-1) - slapd.conf ###############################
... access to * by dn="cn=Manager,dc=ace,dc=mot,dc=com" write by dn="uid=Replica,ou=People,dc=ace,dc=mot,dc=com" write by * read ####################################################################### # BDB database definitions ####################################################################### loglevel 768 database bdb checkpoint 1024 5 cachesize 10000 suffix "dc=ace,dc=mot,dc=com" rootdn "uid=Replica,ou=People,dc=ace,dc=mot,dc=com" rootpw {SSHA}fLayPK23k5YEDV5skWHw/51RH7x1YWTV lastmod on # Specify the DN allowed to make changes to the replica updatedn "uid=Replica,ou=People,dc=ace,dc=mot,dc=com" # Master LDAP's URL updateref ldap://flcsdev1-2.comm.mot.com:389 ldap://flcsdev1-2.comm.mot.com:389
Any advice and feedback is very much appreciated. If more information is required, please let me know.
Thank you very much, Barbara