I am a newbie, and I am trying to configure Syncrepl between 2 OpenLDAP servers. I have read the FAQ, the Admin's Guide, and the mailing lists, but I didn't find any answer to my problem.
The master server is on the 192.168.1.255 subnet and is working fine. Now I am trying to replicate it to another server in the 192.168.123.255 subnet.
Replication from provider to consumer works well (if I write an entry in the provider, it will be replicated to the consumer), but if I try to write to the consumer (ldapadd -x -D cn=Manager,dc=DOMAIN -W -f file.ldif) I get only this answer:
adding new entry "cn=newentry,dc=DOMAIN"
ldap_add: Referral (10)
        referrals:
                ldap://192.168.1.100/cn=newentry,dc=DOMAIN
but nothing appears in provider's log and LDAP databases.
How can I configure Syncrepl in order to write to the consumer and replicate entries to the provider too? (OpenLDAP: slapd 2.3.30 on Debian Etch).
Following the examples in the FAQ, I configured the provider and consumer as shown below:
=================CONSUMER=================
[cut]
suffix "dc=DOMAIN"
rootdn "cn=Manager,dc=DOMAIN"
rootpw {SSHA}something-hashed
[cut]
access to attrs=userPassword,shadowLastChange,sambaNTPassword,sambaLMPassword
        by dn="cn=syncuser,dc=DOMAIN" write
        by anonymous auth
        by self write
        by * none

access to dn.base="" by * read

# The admin dn has full write access, everyone else
# can read everything.
access to *
        by dn="cn=syncuser,dc=DOMAIN" write
        by * read

syncrepl rid=1
        provider=ldap://192.168.1.100:389
        type=refreshAndPersist
        retry="60 +"
        searchbase="dc=DOMAIN"
        scope=sub
        schemachecking=off
        bindmethod=simple
        binddn="cn=syncuser,dc=DOMAIN"
        credentials=secret

updateref ldap://192.168.1.100
=================PROVIDER=================
[cut]
suffix "dc=DOMAIN"
rootdn "cn=Manager,dc=DOMAIN"
rootpw {SSHA}something-hashed

overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
[cut]
access to attrs=userPassword,shadowLastChange,sambaNTPassword,sambaLMPassword
        by dn="cn=admin,dc=ENIGMA" write
        by dn="cn=syncuser,dc=ENIGMA" write
        by anonymous auth
        by self write
        by * none

access to *
        by dn="cn=admin,dc=ENIGMA" write
        by dn="cn=syncuser,dc=ENIGMA" write
        by * read