Hello,
This is my first post to this list and unfortunately I come here with a problem. I'm not new to LDAP but I am new to OpenLDAP especially the 2.4 release.
I am trying to get multi master replication working and I've read the documentation several times. I did wonder if this might be a bug but I still think it's probably a misunderstanding on my part.
I have 2 servers configured for multi master replication which I will refer to as server A and B. If I start both servers I can make changes on server A which are immediately replicated to server B. However, if I then start making changes on server B I don't see replication back to A. The same thing happens if I initiate replication from B: replication to A then works, but not the other way around, i.e. replication only works in 1 direction, which is determined by which server I make changes on first. I am using slapd.conf as I didn't want to complicate matters by introducing online config. The specific version is 2.4.31. Connectivity between the servers is working fine - I can perform LDAP operations in both directions.
If someone could take a look at my config I'd much appreciate it.
Thanks
Neil
#slapd.conf Server A (10.5.1.110)
# Global section of server A's slapd.conf: runtime files, schema includes,
# module path, access control and this server's replication ID.
# NOTE(review): slapd.conf treats a line that begins with whitespace as a
# continuation of the previous line. The "by ..." clauses below are shown at
# column 0; presumably the indentation was lost when the message was
# archived. Confirm against the real file.
pidfile /usr/local/openldap/var/run/slapd.pid
argsfile /usr/local/openldap/var/run/slapd.args
include /usr/local/openldap/etc/schema/core.schema
include /usr/local/openldap/etc/schema/cosine.schema
include /usr/local/openldap/etc/schema/solaris.schema
include /usr/local/openldap/etc/schema/inetorgperson.schema
include /usr/local/openldap/etc/schema/DUAConfigProfile.schema
include /usr/local/openldap/etc/schema/sudo.schema
# NOTE(review): modulepath is set but no moduleload line is visible. That is
# fine only if back_hdb and syncprov are compiled into slapd statically.
modulepath /usr/local/openldap/libexec
# ACLs placed before the first "database" line are global.
# ACL 1, userPassword: "by" clauses are evaluated in order and the first
# match ends evaluation. "by * auth" matches every identity other than self,
# so the ldapclient clause after it is never reached. If that account is
# meant to write passwords, its clause has to precede "by * auth".
access to attrs=userPassword
by self write
by * auth
by dn="cn=ldapclient,ou=profile,dc=example,dc=com" write
# ACL 2, root DSE: readable by everyone.
access to dn.base=""
by * read
# ACL 3, everything else: an entry can write to itself, and both bound and
# anonymous clients can read. "by anonymous read" exposes every attribute
# except userPassword to unauthenticated clients; "by users read" adds
# nothing on top of it. NOTE(review): confirm anonymous read is intended.
access to *
by self write
by users read
by anonymous read
# Server ID used in the CSNs this master generates. It must be unique per
# master (server B's listing uses 2) and must stay in the global section.
serverID 1
# Database section for server A: the hdb backend holding dc=example,dc=com,
# its syncrepl consumer and the syncprov provider overlay.
database hdb
suffix "dc=example,dc=com"
# The rootdn bypasses all ACLs. NOTE(review): the rootpw hash below is
# published in this post and is identical on both servers; treat that
# password as exposed and rotate it.
rootdn "cn=Manager,dc=example,dc=com"
rootpw {SSHA}pnqaqMcoMhnDbSRa9WAgDbhBMr/QnUGY
lastmod on
directory /usr/local/openldap/var/openldap-data
# eq indexes on entryCSN and entryUUID serve the searches issued by
# syncrepl and syncprov.
index objectclass,uid,uidNumber,memberUid,entryCSN,entryUUID,automountKey eq
index cn,sn,gn,mail eq,sub
# Consumer side: pulls changes from the other master.
# NOTE(review): no provider=ldap[s]://... parameter is visible. syncrepl
# requires one, and on this server it has to name the peer (server B,
# 10.7.82.3), not this host. It may have been dropped from the post; check
# the real file.
# NOTE(review): binddn is the rootdn, so credentials must be the cleartext of
# the peer's rootpw. With bindmethod=simple over plain ldap:// that password
# crosses the network unencrypted. Prefer a dedicated replication DN that
# the ACLs allow to read everything (userPassword included), TLS
# (ldaps:// or starttls=critical), and file permissions that keep slapd.conf
# readable only by the slapd user.
# NOTE(review): multi-master ordering relies on entryCSN timestamps; check
# that both hosts keep their clocks synchronised.
syncrepl rid=001
type=refreshAndPersist
searchbase="dc=example,dc=com"
attrs="*,+"
bindmethod=simple
binddn="cn=manager,dc=example,dc=com"
credentials="secret"
# Lets this consumer database also accept client writes; it has to follow
# the syncrepl directive.
mirrormode TRUE
# Provider side: serves changes to the other master.
overlay syncprov
# Checkpoint contextCSN after 100 write operations or 10 minutes.
syncprov-checkpoint 100 10
# Keep a session log of the last 100 write operations.
syncprov-sessionlog 100
#######################################################
#slapd.conf server B (10.7.82.3)
# Global section of server B's slapd.conf: runtime files, schema includes,
# module path, access control and this server's replication ID.
# NOTE(review): slapd.conf treats a line that begins with whitespace as a
# continuation of the previous line. The "by ..." clauses below are shown at
# column 0; presumably the indentation was lost when the message was
# archived. Confirm against the real file.
pidfile /usr/local/openldap/var/run/slapd.pid
argsfile /usr/local/openldap/var/run/slapd.args
include /usr/local/openldap/etc/schema/core.schema
include /usr/local/openldap/etc/schema/cosine.schema
include /usr/local/openldap/etc/schema/solaris.schema
include /usr/local/openldap/etc/schema/inetorgperson.schema
include /usr/local/openldap/etc/schema/DUAConfigProfile.schema
include /usr/local/openldap/etc/schema/sudo.schema
# NOTE(review): modulepath is set but no moduleload line is visible. That is
# fine only if back_hdb and syncprov are compiled into slapd statically.
modulepath /usr/local/openldap/libexec
# ACLs placed before the first "database" line are global.
# ACL 1, userPassword: the first matching "by" clause ends evaluation, and
# "by * auth" matches every identity other than self, so the ldapclient
# clause after it is never reached. Move it above "by * auth" if that
# account is meant to write passwords.
access to attrs=userPassword
by self write
by * auth
by dn="cn=ldapclient,ou=profile,dc=example,dc=com" write
# ACL 2, root DSE: readable by everyone.
access to dn.base=""
by * read
# ACL 3, everything else: self write, read for bound and anonymous clients.
# NOTE(review): "by anonymous read" exposes every attribute except
# userPassword to unauthenticated clients; confirm that is intended.
access to *
by self write
by users read
by anonymous read
# Server ID used in the CSNs this master generates. It must be unique per
# master (server A's listing uses 1) and must stay in the global section.
serverID 2
# Database section for server B: the hdb backend holding dc=example,dc=com,
# its syncrepl consumer and the syncprov provider overlay.
database hdb
suffix "dc=example,dc=com"
# The rootdn bypasses all ACLs. NOTE(review): the rootpw hash below is
# published in this post and is identical on both servers; treat that
# password as exposed and rotate it.
rootdn "cn=Manager,dc=example,dc=com"
rootpw {SSHA}pnqaqMcoMhnDbSRa9WAgDbhBMr/QnUGY
lastmod on
directory /usr/local/openldap/var/openldap-data
# eq indexes on entryCSN and entryUUID serve the searches issued by
# syncrepl and syncprov.
index objectclass,uid,uidNumber,memberUid,entryCSN,entryUUID,automountKey eq
index cn,sn,gn,mail eq,sub
# Consumer side: pulls changes from the other master.
# NOTE(review): no provider=ldap[s]://... parameter is visible. syncrepl
# requires one, and on this server it has to name the peer (server A,
# 10.5.1.110), not this host. It may have been dropped from the post; check
# the real file.
# NOTE(review): binddn is the rootdn, so credentials must be the cleartext of
# the peer's rootpw. With bindmethod=simple over plain ldap:// that password
# crosses the network unencrypted. Prefer a dedicated replication DN that
# the ACLs allow to read everything (userPassword included), TLS
# (ldaps:// or starttls=critical), and file permissions that keep slapd.conf
# readable only by the slapd user.
# NOTE(review): multi-master ordering relies on entryCSN timestamps; check
# that both hosts keep their clocks synchronised.
syncrepl rid=001
type=refreshAndPersist
searchbase="dc=example,dc=com"
attrs="*,+"
bindmethod=simple
binddn="cn=manager,dc=example,dc=com"
credentials="secret"
# Lets this consumer database also accept client writes; it has to follow
# the syncrepl directive.
mirrormode TRUE
# Provider side: serves changes to the other master.
overlay syncprov
# Checkpoint contextCSN after 100 write operations or 10 minutes.
syncprov-checkpoint 100 10
# Keep a session log of the last 100 write operations.
syncprov-sessionlog 100
#######################################################