Josh Nielsen wrote:
> OLC server (LDAP01 - version 2.4.23) the new master and threw up a new VM called LDAP02 (2.4.23) to become the new sync replication slave/consumer.
Don't use such an ancient version which is four years old now. Many syncrepl issues have been fixed since then (and are to be fixed in upcoming 2.4.40).
And better don't argue that you have to use your favourite distribution's packages. We had this discussion here numerous times.
And of course it could be an ACL issue in your particular configuration. In particular you have
olcRootDN: cn=admin,dc=mydomain,dc=org
but
olcSyncrepl: {0} [..] binddn="cn=root,dc=mydomain,dc=org"
Anyway you should not use rootdn for anything. Set up proper group-based ACLs for service accounts instead.
...
Ciao, Michael.
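
Added example, not part of the thread or of OpenLDAP: a small check that reads cn=config LDIF exports and reports whether each olcSyncrepl binddn on the consumer is the provider's olcRootDN (which is exempt from ACLs and limits) or an ordinary DN that the provider's ACLs must explicitly allow to read. The sample LDIF is constructed around the two DNs quoted above; the database DN, provider URL and function names are assumptions.

```python
import base64
import re

# Constructed sample shaped like a cn=config export; only the two DNs come from
# the message, everything else (database DN, rid, provider URL) is made up.
SAMPLE = """\
dn: olcDatabase={1}hdb,cn=config
olcRootDN: cn=admin,dc=mydomain,dc=org
olcSyncrepl: {0}rid=001 provider=ldap://ldap01.example.org
  bindmethod=simple binddn="cn=root,dc=mydomain,dc=org"
  searchbase="dc=mydomain,dc=org" type=refreshAndPersist
"""

def fields(ldif):
    """Yield (attr, value) pairs after undoing LDIF line folding (RFC 2849)."""
    for line in re.sub(r"\r?\n ", "", ldif).splitlines():
        attr, sep, value = line.partition(":")
        if not sep:
            continue
        if value.startswith(":"):  # "attr:: <base64>" form
            value = base64.b64decode(value[1:]).decode("utf-8", "replace")
        yield attr.strip().lower(), value.strip()

def norm_dn(dn):
    """Simplified comparison key: lower-cased, no spaces around commas.
    Escaped commas inside RDN values are not handled."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def audit_syncrepl(provider_ldif, consumer_ldif):
    """Return (rid, binddn, verdict) for every olcSyncrepl value on the consumer."""
    rootdns = {norm_dn(v) for a, v in fields(provider_ldif) if a == "olcrootdn"}
    results = []
    for attr, value in fields(consumer_ldif):
        if attr != "olcsyncrepl":
            continue
        rid = re.search(r"\brid=(\d+)", value)
        bind = re.search(r'\bbinddn=(?:"([^"]*)"|(\S+))', value)
        dn = (bind.group(1) or bind.group(2)) if bind else None
        if dn is None:
            verdict = "NO_BINDDN"        # e.g. a SASL bind; nothing to compare
        elif norm_dn(dn) in rootdns:
            verdict = "ROOTDN"           # replication bypasses ACLs and limits
        else:
            verdict = "SUBJECT_TO_ACL"   # provider ACLs/limits must allow this DN
        results.append((rid.group(1) if rid else None, dn, verdict))
    return results

if __name__ == "__main__":
    for row in audit_syncrepl(SAMPLE, SAMPLE):
        print(row)
```

A SUBJECT_TO_ACL result is the desired end state for a service account, provided the provider grants that DN read access to everything it should replicate.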