For syncrepl to work do we need to enable the sasl? I had the sasl disabled and configured to replicate using simple bindmethod, with the following config: syncrepl rid=001 provider=ldap://ldap2.example.com type=refreshAndPersist retry="5 5 300 +" searchbase="o=tld" bindmethod=simple binddn="uid=admin,ou=users,o=tld" credentials=password schemachecking=on
but I get the following error:
slap_client_connect: URI=ldap://ldap2.example.com DN="uid=admin,ou=users,o=tld" ldap_sasl_bind_s failed
(-1)
ldap_sasl_bind_s is the name of the binding function for both simple and SASL binds. It doesn't mean you're performing a SASL bind. If it was a dn/password issue, you would see error code 49. You got error code -1, which seems to imply it cannot open a connection to ldap2.example.com from that server.
--Quanah
Thanks for your response!
ldap1-client <-> slapd2: Communication OK slapd1 <-> ldap2-client: Communication OK slapd1 <-/-> slapd2: Communication failure
Using 'ldapsearch' command, I am able to bind and search on the slapd2 server from the server (slapd1) that is issuing the above error and vice-versa. So, the client modules from one server have no trouble connecting the slapd on the other server, however, the slapd to slapd communication via slap_client_connect for syncrepl seems to have an issue.
I am wondering if there is anything in the cn=config configuration that could lead to this.
Thanks