Turn your server debugging to 16512 (128+16384).  Watch your logs form the server to see what it's doing when you make changes.  Like I said before, it's gotta be an ACL

Sellers

On Apr 23, 2008, at 11:49 AM, Jacky Wu wrote:



On Wed, Apr 23, 2008 at 10:37 PM, Aaron Richton <richton@nbcs.rutgers.edu> wrote:
              updatedn="uid=repl_writer,dc=mycompany,dc=com"
I don't think this is valid. Try "slaptest -d config" and/or read slapd.conf(5) man page.


Even though I cannot find the updatedn from syncrepl directory, I copy this from this mailing list. I use debug -d -1, and it do not report error.


*The userpassword does not replicate to slave. *The following is the
replicated result in slave.

If you modify one of the other attributes (cn/sn/etc.), does it make it from the master to the slave?

Yes, other attributes replicates.


Turn up debugging and see what's going on. I'd look for ACL issues first. Are those really your only two access rules?

ldapmodify: Referral (10)
      referrals:

ldap://master:389/uid=testuser,dc=mycompany,dc=com<ldap://master:389/uid=repl_reader,dc=ufreight,dc=com>

This isn't a problem -- the slave is telling you it's a slave and you should be talking to the master. So that's a sign that your config is on the right track.

Yes, that surprises me. Slave tells that it will refer the change to master, but master does not receive any information. I use debug level -1, but cannot find the change arrives in master.



--
John 3:16 For God so loved the world, that He gave His only begotten Son, that whoever believes in Him shall not perish, but have eternal life.
http://www.hkccc.org/flash2.htm

______________________________________________
Chris G. Sellers | NITLE  - Technology Team
AIM: imthewherd | GoogleTalk: cgseller@gmail.com