Problems with openldap replication with slurpd. "unknown error" - openldap-software

5 Oct 2006


      Problems with openldap replication with slurpd
Hi. Trying to make openldap replication
Master server is openldap 2.0.27_3, slave server is openldap 2.2.30
Using stunnel to get acces to slave ldap
master:localhost:636 -> stunnel -> slave:127.0.0.1:389
Master server config
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/nis.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
include         /usr/local/etc/openldap/schema/samba.schema
pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args
loglevel       64
atabase         ldbm
cachesize       10000
dbcachesize     1000000
threads         128
dbnosync
dbsync          2 12 5
sizelimit       10000
suffix          "o=campus,c=ru"
rootdn          "cn=Manager,o=campus,c=ru"
rootpw          {SSHA}password1
directory       /var/db/openldap-ldbm
replogfile      /var/log/slurpd.replog
replica         host=127.0.0.1:636
                binddn="cn=replicator,o=campus,c=ru"
                bindmethod=simple
                credentials=bind_password
index       objectClass           eq
index           uid           pres,eq
index           rid           eq
index           uidNumber     eq
index           gidNumber     eq
index           cn            eq,subinitial
index           memberUid     eq
index           gecos         eq
index           description   eq
index           default       sub
access to attr=userPassword,lmPassword,ntPassword
       by self write
       by * auth
access to *
       by * read
-----------------------------------------------------
Slave LDAP config
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/nis.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
include         /usr/local/etc/openldap/schema/samba.schema
pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args
loglevel        64
database        bdb
suffix          "o=campus,c=ru"
rootdn          "cn=Manager,o=campus,c=ru"
rootpw          {SSHA}paasswoord2
directory       /var/db/openldap-data
index       objectClass     eq
index           uid           pres,eq
index           rid           eq
index           uidNumber     eq
index           gidNumber     eq
index           cn            eq
index           memberUid     eq
index           gecos         eq
index           description   eq
index           default       sub
access to *
       by dn="cn=replicator,o=campus,c=ru" write
       by * read
First, i am doing "slapcat" at master server and adding LDIFF file to 
SLAVE ldap.
Then i turning on replication by adding lines
updatedn        "cn=replicator,o=campus,c=ru"
updateref       ldap://127.0.0.1:636
to the slave config file.
Master has no runnig slurpd. I am adding new samba user at master and 
receiving replog file.
Running daemon slurpd at master i receiving "unknown error" then adding 
new user at slave.
But when i changes something at existent users 
(password,description,etc) - it replies to slave! Coult you help me to 
find bug with replica then adding user?
Here is some files:
slurpd.replog
replica: 127.0.0.1:636
time: 1160060587.0
dn: uid=test0981,ou=People,o=campus,c=ru
changetype: add
objectClass: top
objectClass: account
objectClass: posixAccount
cn: test0981
uid: test0981
uidNumber: 11686
gidNumber: 545
homeDirectory: /home/test0981
loginShell: /usr/bin/false
gecos: System User
description: System User
userPassword:: e2NyeXB0fXg=
creatorsName: cn=Manager,o=campus,c=ru
createTimestamp: 20061005150306Z
modifiersName: cn=Manager,o=campus,c=ru
modifyTimestamp: 20061005150306Z
replica: 127.0.0.1:636
time: 1160060596
dn: uid=test0981,ou=People,o=campus,c=ru
changetype: modify
replace: objectClass
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: sambaAccount
-
replace: logonTime
logonTime: 0
-
replace: logoffTime
logoffTime: 2147483647
-
...
...
127.0.0.1:636.rej
ERROR: Unknown error
replica: 127.0.0.1:636
time: 1160057891.0
dn: uid=test6789,ou=People,o=campus,c=ru
changetype: add
objectClass: top
objectClass: account
objectClass: posixAccount
cn: test6789
uid: test6789
uidNumber: 11685
gidNumber: 545
homeDirectory: /home/test6789
loginShell: /usr/bin/false
gecos: System User
description: System User
userPassword:: e2NyeXB0fXg=
creatorsName: cn=Manager,o=campus,c=ru
createTimestamp: 20061005141804Z
modifiersName: cn=Manager,o=campus,c=ru
modifyTimestamp: 20061005141804Z
ERROR: No such object
replica: 127.0.0.1:636
time: 1160057921.0
dn: uid=test6789,ou=People,o=campus,c=ru
changetype: modify
replace: objectClass
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: sambaAccount
-
...
...
slurpd -d 64
output:
...<skip> ...
Config: (directory      /var/db/openldap-ldbm)
Config: (replogfile      /var/log/slurpd.replog)
Config: (replica         host=127.0.0.1:636                
binddn="cn=replicator,o=campus,c=ru"                
bindmethod=simple                
credentials=campus_replicator                                                                                                 
)
Config: ** successfully added replica "127.0.0.1:636"
Config: (index  objectClass           eq)
Config: (index           uid           pres,eq)
Config: (index           rid           eq)
Config: (index           uidNumber     eq)
Config: (index           gidNumber     eq)
Config: (index           cn            eq,subinitial)
Config: (index           memberUid     eq)
Config: (index           gecos         eq)
Config: (index           description   eq)
Config: (index           default       sub)
Config: (access to attr=userPassword,lmPassword,ntPassword       by self 
write       by * auth)
Config: (access to *       by * read)
Config: ** configuration file successfully read and parsed
ber_flush: 58 bytes to sd 8
request 1 done
ber_flush: 418 bytes to sd 8
request 2 done
...
...
request 6 done
Error: ldap_add_s failed adding "Unknown error": 
uid=test6789,ou=People,o=campus,c=ru
Error: ldap operation failed, data written to 
"/var/db/openldap-slurp/replica/127.0.0.1:636.rej"
ber_flush: 51784 bytes to sd 8
request 7 done
ber_flush: 471 bytes to sd 8
request 8 done
Error: ldap_modify_s failed modifying "No such object": 
uid=test6789,ou=People,o=campus,c=ru
Error: ldap operation failed, data written to 
"/var/db/openldap-slurp/replica/127.0.0.1:636.rej"
ber_flush: 418 bytes to sd 8
request 9 done
Error: ldap_modify_s failed modifying "No such object": 
uid=test6789,ou=People,o=campus,c=ru
Error: ldap operation failed, data written to 
"/var/db/openldap-slurp/replica/127.0.0.1:636.rej"
ber_flush: 315 bytes to sd 8
request 10 done
...
WBR,  Yushin Roman