Hi folks!
I'm trying to set up a working multi-master syncrepl. I can connect to both
servers (using Apache Directory Studio), but nothing is synced. Starting
slapd with -d 16384 -d 32768 (sync + none) only produces the following logs
on both servers:
---
5b0b0988 do_syncrep2: rid=005 LDAP_RES_SEARCH_RESULT
5b0b0988 do_syncrep2: rid=002 LDAP_RES_SEARCH_RESULT
5b0b0992 do_syncrep2: rid=005 LDAP_RES_SEARCH_RESULT
---
This is my configuration:
---
# Global slapd settings (root entry of the configuration tree).
# $domain and $basedn look like template placeholders that are substituted
# before the LDIF is loaded -- TODO confirm.
dn: cn=config
objectClass: olcGlobal
cn: config
olcPidFile: /var/run/openldap/slapd.pid
# CA, server certificate and private key for TLS. These only make TLS
# available on the listener: every olcSyncrepl line in this listing uses an
# ldap:// provider URL without a starttls= parameter, so replication traffic
# is not protected by them as configured.
olcTLSCACertificateFile: /usr/local/etc/openldap/ca
olcTLSCertificateFile: /usr/local/etc/openldap/crt
olcTLSCertificateKeyFile: /usr/local/etc/openldap/key
# SASL identity mappings. Local uid 0/gid 0 over SASL EXTERNAL (peercred),
# the GSSAPI principal "root", and the GSSAPI principals "dc1"/"dc2" are all
# rewritten to cn=admin,$basedn, which is the olcRootDN of the mdb database,
# so each of these identities is exempt from ACLs there.
# NOTE(review): for least privilege, consider mapping dc1/dc2 to a dedicated
# replication identity with read access only, rather than to the rootdn.
olcAuthzRegexp: {0}"gidNumber=0\+uidNumber=0,cn=peercred,cn=external,cn=auth" "cn=admin,$basedn"
olcAuthzRegexp: {1}"uid=root,cn=$domain,cn=gssapi,cn=auth" "cn=admin,$basedn"
olcAuthzRegexp: {2}"uid=dc(1|2),cn=$domain,cn=gssapi,cn=auth" "cn=admin,$basedn"
# One server ID per provider URL. slapd selects its own ID by matching these
# URLs against the listener URLs it was started with (-h), so the listener
# URL has to be spelled the same way -- verify against the start-up command.
olcServerID: 1 ldap://dc1.$domain/
olcServerID: 2 ldap://dc2.$domain/
olcSaslRealm: $domain
# Log level 0: the debug output quoted in the message comes from the -d
# command-line flags only.
# NOTE(review): at 0, connection and bind activity is not written to the log;
# "stats" is the level normally used when bind/search auditing is wanted.
olcLogLevel: 0
# Schema container: pulls in schema definitions from LDIF files in the local
# OpenLDAP schema directory.
# NOTE(review): samba.ldif is included, which suggests Samba password
# attributes may be stored in this directory -- if so, they need explicit
# ACLs on the data database (none are visible in this listing).
dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema
include: file:///usr/local/etc/openldap/schema/core.ldif
include: file:///usr/local/etc/openldap/schema/cosine.ldif
include: file:///usr/local/etc/openldap/schema/inetorgperson.ldif
include: file:///usr/local/etc/openldap/schema/dyngroup.ldif
include: file:///usr/local/etc/openldap/schema/ppolicy.ldif
include: file:///usr/local/etc/openldap/schema/nis.ldif
include: file:///usr/local/etc/openldap/schema/hdb.ldif
include: file:///usr/local/etc/openldap/schema/samba.ldif
# Dynamically loaded modules: the mdb backend, the sync provider overlay,
# the rewrite/remap overlay and the relay backend.
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulePath: /usr/local/libexec/openldap
# NOTE(review): the ordering index {2} appears twice and {1} is missing;
# the intended sequence is presumably {0}..{3} -- confirm how slapd treats
# the duplicate.
# NOTE(review): no database or overlay entry in this listing uses rwm or
# back_relay; modules that are not needed can be left unloaded to keep the
# amount of code running inside slapd small.
olcModuleLoad: {0}back_mdb
olcModuleLoad: {2}syncprov
olcModuleLoad: {2}rwm
olcModuleLoad: {3}back_relay
#olcModuleLoad: {4}smbk5pwd
# Frontend pseudo-database; holds settings that apply to all databases.
# No olcAccess rule is defined here, so no global ACL comes from this entry.
dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
# The cn=config database itself, set up to replicate between dc1 and dc2.
dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
# Denies all access to everyone; only this database's rootdn, which is not
# subject to ACLs, can read or write cn=config.
olcAccess: {0}to * by * none
olcRootDN: $rootdn
# Syncrepl consumer definitions, one per provider (polling every 10 seconds,
# refreshOnly).
# Security notes:
#  - bindmethod=simple over ldap:// with no starttls= parameter sends the
#    bind DN, the password and the replicated cn=config content (which itself
#    contains these credentials) in cleartext. syncrepl accepts
#    starttls=critical together with tls_cacert=/tls_reqcert=, or an ldaps://
#    provider URL; bindmethod=sasl with GSSAPI is another option given the
#    GSSAPI mappings in the global entry.
#  - credentials= is stored in plain text, so this LDIF and the slapd.d
#    directory need restrictive file permissions, and the value should be
#    redacted before the configuration is posted publicly.
# NOTE(review): the consumer binds as cn=admin,$basedn while olcRootDN above
# is $rootdn. Unless both expand to the same DN, the "by * none" rule would
# hide cn=config from the consumer and the search would return no entries --
# confirm.
olcSyncrepl: {0}rid=001 provider=ldap://dc1.$domain/ bindmethod=simple binddn="cn=admin,$basedn" credentials="secret" searchbase="cn=config" type=refreshOnly interval=00:00:00:10 retry="5 5 300 5" timeout=1
olcSyncrepl: {1}rid=002 provider=ldap://dc2.$domain/ bindmethod=simple binddn="cn=admin,$basedn" credentials="secret" searchbase="cn=config" type=refreshOnly interval=00:00:00:10 retry="5 5 300 5" timeout=1
# Lets this server accept writes even though it is also a syncrepl consumer.
olcMirrorMode: TRUE
# Sync provider overlay on the config database, so this server can serve
# cn=config to syncrepl consumers. No overlay options are set.
dn: olcOverlay={0}syncprov,olcDatabase={0}config,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
# Data database (mdb backend) holding $basedn, replicated between dc1 and dc2.
# NOTE(review): this entry has no olcAccess rule and none is set on the
# frontend in this listing. Without any ACL, slapd falls back to its built-in
# default, which grants read access to everyone including anonymous clients.
# Add explicit rules, in particular for userPassword and any Samba password
# attributes, before putting data here.
dn: olcDatabase={1}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {1}mdb
olcSuffix: $basedn
# No olcRootPW is set in this entry; the rootdn is reachable through the
# olcAuthzRegexp mappings in the global entry. How the simple bind used by
# syncrepl below authenticates this DN is not visible here -- TODO confirm.
olcRootDN: cn=admin,$basedn
olcDbDirectory: /var/db/openldap/$domain
# Syncrepl consumer definitions, one per provider (polling every 10 seconds,
# refreshOnly).
# Security notes:
#  - bindmethod=simple over ldap:// with no starttls= parameter sends the
#    bind DN, the password and all replicated directory data in cleartext.
#    syncrepl accepts starttls=critical together with
#    tls_cacert=/tls_reqcert=, or an ldaps:// provider URL.
#  - The consumer binds as the rootdn of this database. Replication only
#    needs read access to the provider, so a dedicated replication DN with a
#    read-only ACL limits the impact if the credential leaks.
#  - credentials= is stored in plain text; restrict file permissions on the
#    configuration and redact the value before sharing it.
olcSyncrepl: {0}rid=004 provider=ldap://dc1.$domain/ bindmethod=simple binddn="cn=admin,$basedn" credentials="secret" searchbase="$basedn" type=refreshOnly interval=00:00:00:10 retry="5 5 300 5" timeout=1
olcSyncrepl: {1}rid=005 provider=ldap://dc2.$domain/ bindmethod=simple binddn="cn=admin,$basedn" credentials="secret" searchbase="$basedn" type=refreshOnly interval=00:00:00:10 retry="5 5 300 5" timeout=1
# Lets this server accept writes even though it is also a syncrepl consumer.
olcMirrorMode: TRUE
# Sync provider overlay on the data database, so this server can serve
# $basedn to syncrepl consumers. No overlay options are set.
dn: olcOverlay={0}syncprov,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
---
What's the problem?
Best wishes,
Fabiano