I know, I am not completely there yet, but I found a current OpenSuSE running openldap 2.3.37 and the same thing ocurred - it synced (into a previously empty /var/lib/ldap) and everything was there except for userPassword... are you sure this is not a configuration issue? I still suspect I got something badly mixed up there.. I just cannot figure out wht it is... I am grabbing a 2.3.40 tar-ball now and see what happens...
thanks
Thomas
Pierangelo Masarati wrote:
Thomas Kirchtag wrote:
I am using OpenLDAP 2.3.25 (most current in Debian stable). I tried to follow Quanahs suggestion and added
access to * by dn="cn=admin,dc=int,dc=ipodion,dc=at" write by * read
on the consumer side, but it didn't change anything. I delete /var/lib/ldap/* and startet slapd but still: consumer /etc/ldap# slapcat | grep userPass consumer /etc/ldap#
I'd hate to leave the commodity of package management by installing the openLDAP tar-ball but if no other solution is available I will have to...
I insist: there should be no bug, but only a complete refresh (e.g., create a new consumer from scratch) should reveal it. If, for example, you had an ACL issue at the time replication occurred, and later on you fixed it, it will never re-sync unless forced.
An upgrade would definitely be quite beneficial, anyway, given the long list of fixed issues between 2.3.25 and 2.3.40.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it
Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it