--On Thursday, January 2, 2025 9:37 AM -0500 Ulises Gonzalez Horta ugonzalezhorta@breezeline.com wrote:
Hi Shawn
After closely inspecting both/all entries with slapcat on each of the servers I confirmed that all the user entries are being replicated -except- for the userPassword one. So it looks like we found the issue.
Question is how to fix it, why is it not replicating the userPassword attribute?
I have removed my filter entry from my olcSyncrepl, now it looks like this
olcSyncrepl: {0}rid=100 provider=ldap://master:389 type=refreshOnly interval=00:00:05:00 retry="300 +" searchbase="dc=metrocast,dc=net" timelimit=unlimited sizelimit=unlimited bindmethod=simple binddn="cn=repl,ou=boxes,dc=metrocast,dc=net" credentials="aaa" starttls=critical tls_cacertdir="/etc/ldap/certs"
But still not replicating the userPassword attribute, any clue??
Likely your provider does not grant read access for the userPassword attribute to the "cn=repl,ou=boxes,dc=metrocast,dc=net" user. You should be able to test this from the command line with ldapsearch.
--Quanah
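
The ldapsearch test suggested in the reply above, sketched as an added example that is not part of the original thread: it binds to the provider as the replication DN and lists the entries for which no userPassword value comes back. The host, bind DN, search base and CA directory are taken from the olcSyncrepl line; the search filter, the function names and the sample LDIF are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: show which entries the replication identity cannot read
# userPassword on. Connection values mirror the thread's olcSyncrepl line.

# Search the provider as the replication DN, asking only for userPassword.
# -x simple bind, -ZZ require StartTLS, -W prompt for the bind password,
# -o ldif-wrap=no keeps each attribute on one line.
# The default filter is an assumption; pass another one as $1 if needed.
query_as_repl() {
    LDAPTLS_CACERTDIR=/etc/ldap/certs ldapsearch -x -ZZ -W \
        -H ldap://master:389 \
        -D "cn=repl,ou=boxes,dc=metrocast,dc=net" \
        -b "dc=metrocast,dc=net" -o ldif-wrap=no \
        "${1:-(objectClass=person)}" userPassword
}

# Read ldapsearch LDIF on stdin and print the DN of every entry that came
# back without a userPassword value. Folded DN lines are joined, and both
# "userPassword:" and base64 "userPassword::" count as present.
missing_userpassword() {
    awk '
        function flush() { if (dn != "" && !seen) print dn; dn = ""; seen = 0; indn = 0 }
        /^#/   { next }
        /^dn:/ { flush(); dn = $0; sub(/^dn::? */, "", dn); indn = 1; next }
        /^ /   { if (indn) dn = dn substr($0, 2); next }
        /^$/   { flush(); next }
               { indn = 0; if (tolower($0) ~ /^userpassword[:;]/) seen = 1 }
        END    { flush() }
    '
}

# Constructed sample of what the search returns when the bind DN can read
# the attribute on one entry but not on another (values are placeholders).
SAMPLE_LDIF='dn: uid=alice,ou=people,dc=metrocast,dc=net
userPassword:: Q09OU1RSVUNURUQ=

dn: uid=bob,ou=people,dc=metrocast,dc=net
'

# Offline demonstration on the constructed sample.
printf '%s\n' "$SAMPLE_LDIF" | missing_userpassword

# Against the real provider: query_as_repl | missing_userpassword
```

If every user DN is listed when run against the provider, the replication DN has no read access to userPassword there; running the same search with an administrative bind DN shows whether the values exist at all.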