We stay in the 2.5 LTS branch.  2.6 is more of a Dev Branch if I understand it correctly.

 

From: Quanah Gibson-Mount <quanah@fast-mail.org>
Sent: Wednesday, January 24, 2024 11:39 AM
To: Viktor Keremedchiev <vkeremedchiev@adaptavist.com>; openldap-technical@openldap.org
Subject: [EXTERNAL] Re: Openldap 2.4 -> Openldap 2.6.3 replication hurdles

 

--On Wednesday, January 24, 2024 8:28 AM +0200 Viktor Keremedchiev 
<vkeremedchiev@adaptavist.com> wrote:
 
> Hello,
> I'm somewhat not experienced with LDAP on the server side of things
> I'm importing openldap 2.4. into 2.6.3. (rockylinux 9). My goal is to
> have 2 N-way (or multi-master*) ldap nodes. I've changed hdb to mdb,
> created accesslog folder, fixed permissions, SSL etc
> The import doesn't throw any errors. My understanding is that I need to
> have cn=config replication, as well as my small dc=domain,dc=com,
> replication as well
 
It is not required to have cn=config replication. And I would note that 
OpenLDAP 2.6.3 is fairly old at this point with significant fixes done to 
the 2.6 series since its release.  I'd advise using a current release of 
OpenLDAP 2.6.
 
> The cn=config replication I call via this on both nodes followed by
> restarts
> 
> 
> dn: cn=config
> changetype: modify
> replace: olcServerID
> olcServerID: 1
 
Each server must have its own, unique, serverID.  If you are going to use 
cn=config replication, then you *must* use the
 
olcServerID: # URI
 
format.
 
> 
> Now once I do that I've experimented with changing the olcLogLevel and
> it seems to work. The rid's on each node are different server2 has
> rid=002, server 1 has rid=001 as well as different olcServerID
 
RIDs must be unique INSIDE a particular server, but different servers can 
use the same RID values.
 
> What am I doing wrong? Perhaps more than one thing
 
I'd suggest starting with just getting back-mdb replication working between 
the nodes.
 
Side note, your configuration for the accesslog DB is missing an index on 
'reqDN'.
 
--Quanah
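
The three configuration points raised in the reply above (the `# URI` serverID form when cn=config is replicated, RIDs unique inside one server, and an index on `reqDN` for the accesslog DB) can be checked against a `slapcat -n0` dump. This is an added example, not part of the thread or of OpenLDAP; the hostnames, the `cn=accesslog` suffix, the database numbering and the finding codes are assumptions, and the LDIF is constructed and unfolded.

```python
import re
# BEFORE is a constructed `slapcat -n0` excerpt (placeholder hostnames);
# AFTER is the same dump with the three points from the reply applied.
BEFORE = """\
dn: cn=config
olcServerID: 1

dn: olcDatabase={0}config,cn=config
olcSyncrepl: {0}rid=001 provider=ldap://ldap2.example.com searchbase="cn=config"

dn: olcDatabase={1}mdb,cn=config
olcSuffix: cn=accesslog
olcDbIndex: reqStart eq

dn: olcDatabase={2}mdb,cn=config
olcSuffix: dc=domain,dc=com
olcSyncrepl: {0}rid=001 provider=ldap://ldap2.example.com searchbase="dc=domain,dc=com"
"""
AFTER = (BEFORE
    .replace("olcServerID: 1\n", "olcServerID: 1 ldap://ldap1.example.com\n"
             "olcServerID: 2 ldap://ldap2.example.com\n")
    .replace("reqStart eq", "reqStart eq\nolcDbIndex: reqDN eq")
    .replace('rid=001 provider=ldap://ldap2.example.com searchbase="dc=',
             'rid=002 provider=ldap://ldap2.example.com searchbase="dc='))

def lint(ldif, accesslog_suffix="cn=accesslog"):
    """Return finding codes for one server's cn=config dump."""
    findings, rids, bare_ids, config_replicated = [], [], [], False
    for block in re.split(r"\n\s*\n", ldif.strip()):
        attrs = {}
        for line in block.splitlines():
            name, sep, value = line.partition(":")
            if sep:
                attrs.setdefault(name.strip().lower(), []).append(value.strip())
        # A bare number only matters when cn=config itself is replicated.
        bare_ids += [s for s in attrs.get("olcserverid", [])
                     if not re.fullmatch(r"\d+\s+ldap[si]?://\S+", s)]
        for rep in attrs.get("olcsyncrepl", []):
            rids += [int(r) for r in re.findall(r"\brid=(\d+)", rep)]
            config_replicated |= 'searchbase="cn=config"' in rep
        if accesslog_suffix in attrs.get("olcsuffix", []):
            indexed = {a.lower() for v in attrs.get("olcdbindex", []) if v
                       for a in v.split()[0].split(",")}
            if "reqdn" not in indexed:
                findings.append("accesslog-missing-reqDN-index")
    if config_replicated and bare_ids:
        findings.append("serverid-needs-uri")
    if len(rids) != len(set(rids)):   # RIDs must be unique inside one server
        findings.append("duplicate-rid-on-server")
    return findings
```

`lint(BEFORE)` reports all three findings and `lint(AFTER)` reports none; the check runs per server, so two servers reusing the same RID values are not flagged.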