Ulises Gonzalez Horta
Lead Linux Engineer
C: 786 450 2970/ 240 727 6267
E: ugonzalezhorta@breezeline.com
--On Friday, December 27, 2024 10:34 AM -0500 Ulises Gonzalez Horta
<ugonzalezhorta@breezeline.com> wrote:
>
>
> Good morning
>
> I am trying to set up a replication in ldap 2.5, using syncrepl, I have a
> provider server and a consumer, both of the servers are running 2.5.11
> from Ubuntu 22.04, I followed the admin guide chapter 18.3.1 to do the
> configuration. I have some information on the provider that is
> successfully being replicated to the consumer without any errors.
>
>
> Consumer configuration
> ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config olcSyncRepl
> olcUpdateref
> dn: olcDatabase={1}mdb,cn=config
> olcSyncrepl: {0}rid=100 provider=ldap://provider:389 type=refr
> eshOnly interval=00:00:05:00 retry="300 +"
> searchbase="dc=metrocast,dc=net" f
> ilter="(|(entryDN:=dc=metrocast,dc=net)(entryDN:dnOneLevelMatch:=dc=met

Why do you have such a complicated filter?

> On the consumer this same query returns error 49
>
> ldapsearch -Z -LLL -H ldap://providert:389 -D
> "uid=user1,ou=employees,dc=metrocast,dc=net" -W -b
> "ou=employees,dc=metrocast,dc=net" "(mail=*pepe@breezeline.com)

Either:

a) The user entry doesn't exist
b) The user entry is missing the userPassword attribute
c) The ACLs don't allow anonymous "auth" access on the userPassword attribute

--Quanah
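
Added example, not part of the original thread: a small helper that tells causes (a) and (b) above apart for one DN, given an LDIF export of the consumer database on stdin. It assumes the LDIF was produced on the consumer with something like `slapcat -b dc=metrocast,dc=net`; the function names and the sample entries are constructed for illustration. Cause (c) depends on the consumer's ACLs and is not covered here.

```shell
# Added example (not from the thread): classify one DN in an LDIF export.
# Assumption: LDIF comes from the consumer, e.g. `slapcat -b dc=metrocast,dc=net`.
classify_entry() {
    # $1 = DN to look for; LDIF is read from stdin.
    # Prints one of: entry-missing | userPassword-missing | ok
    awk -v want="$1" '
        function emit() {               # handle one unfolded logical line
            if (line == "") return
            low = tolower(line)
            if (low ~ /^dn: /) {
                # DNs are compared case-insensitively; base64 "dn::" is not decoded
                in_entry = (tolower(substr(line, 5)) == tolower(want))
                if (in_entry) found = 1
            } else if (in_entry && low ~ /^userpassword::? /) {
                haspw = 1               # plain or base64-encoded value present
            }
            line = ""
        }
        /^ / { line = line substr($0, 2); next }  # LDIF continuation (folded) line
        /^$/ { emit(); in_entry = 0; next }       # blank line ends the entry
             { emit(); line = $0 }
        END {
            emit()
            if (!found)      print "entry-missing"
            else if (!haspw) print "userPassword-missing"
            else             print "ok"
        }'
}

# Constructed sample: user1 was replicated without userPassword, user2 with it.
sample_ldif() {
    cat <<'EOF'
dn: dc=metrocast,dc=net
objectClass: dcObject
dc: metrocast

dn: uid=user1,ou=employees,dc=metro
 cast,dc=net
objectClass: inetOrgPerson
uid: user1

dn: uid=user2,ou=employees,dc=metrocast,dc=net
objectClass: inetOrgPerson
uid: user2
userPassword:: Y29uc3RydWN0ZWQ=
EOF
}
```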