I have setup a 2.3.43 master/slave using syncrepl, but some entries are not syncing. I have one entire tree (ou=Domains,dc=example,dc=com) and some entries under another certain tree not coming over to the slave.

Here is my slapd.conf syncrepl entry on the slave with an ip address of 10.0.0.5...

syncrepl rid=120 provider=ldap://10.0.0.6:389 type=refreshAndPersist interval=00:00:05:00 searchbase="dc=example,dc=com" filter="(objectClass=*)" scope=sub schemachecking=off bindmethod=simple binddn="uid=slurpd,ou=Services,dc=example,dc=com" credentials=password

And in my master from slapd.conf...

overlay syncprov syncprov-checkpoint 100 10 syncprov-sessionlog 100

My ACL does not contain any specific access for my Domains container, but at the bottom contains...

access to * by sockurl.regex="^ldapi://%2fvar%2frun%2fopenldap%2fldapi/$" write by group.exact="cn=Administrators,dc=example,dc=com" write by self write by users read by peername=10.0.0.5 read by * read

My slurpd uid is a member of the Administrators group entry. Using my Domains tree as an example, I can read the entry no problem...

esmtp# ldapsearch -LLL -h 10.0.0.6 -D uid=slurpd,ou=Services,dc=example,dc=com -W "(ou=Domains)" dn Enter LDAP Password: dn: ou=Domains,dc=example,dc=com

However, I have no Domains container in my slave :(

esmtp# ldapsearch -LLL -h localhost -D uid=slurpd,ou=Services,dc=example,dc=com -W "(ou=Domains)" dn Enter LDAP Password:

Can someone help me shed some light on this problem?