Hello,
I try to replicate the olcAccess, olcLimits and olcDbIndex Attributes here is the Database where the olcx Attributes located on the Master ---------------- dn: olcDatabase={1}mdb,cn=config olcAccess: {0}to dn.exact="" by * read olcAccess: {1}to attr=entry,uid by anonymous auth by * break ... ----------------
I created an ldif to add there olcSyncrepl to the slave: ---------------- dn: olcDatabase={1}mdb,cn=config changetype: modify add:olcSyncrepl olcSyncrepl: rid=001 provider=ldap://ldapserver.example.net type=refreshandpersist retry="60 10 120 5" searchbase="olcDatabase={1}mdb,cn=config" attrs="olcAccess,olcLimits,olcDbIndex" bindmethod=simple binddn="cn=admin,cn=config" credentials=***** ---------------- When I try to add it to my config i always get: ---------------- root@ldapserver-02:/daten# ldapmodify -Y EXTERNAL -H ldapi:/// -f sync-config.ldif SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 modifying entry "olcDatabase={1}mdb,cn=config" ldap_modify: Other (e.g., implementation specific) error (80) additional info: Base DN "olcDatabase={1}mdb,cn=config" is not within the database naming context ----------------
Here are all dn-entries from the master: ---------------- dn: cn=config dn: cn=module{0},cn=config dn: cn=schema,cn=config dn: cn={0}core,cn=schema,cn=config dn: cn={1}cosine,cn=schema,cn=config dn: cn={2}nis,cn=schema,cn=config dn: cn={3}inetorgperson,cn=schema,cn=config dn: cn={4}kerberos,cn=schema,cn=config dn: cn={5}sshkey,cn=schema,cn=config dn: olcBackend={0}mdb,cn=config dn: olcDatabase={-1}frontend,cn=config dn: olcDatabase={0}config,cn=config dn: olcOverlay={0}syncprov,olcDatabase={0}config,cn=config dn: olcDatabase={1}mdb,cn=config dn: olcOverlay={0}memberof,olcDatabase={1}mdb,cn=config dn: olcOverlay={1}syncprov,olcDatabase={1}mdb,cn=config dn: olcDatabase={2}mdb,cn=config ----------------
And from the slave: ---------------- dn: cn=config dn: cn=module{0},cn=config dn: cn=schema,cn=config dn: cn={0}core,cn=schema,cn=config dn: cn={1}cosine,cn=schema,cn=config dn: cn={2}nis,cn=schema,cn=config dn: cn={3}inetorgperson,cn=schema,cn=config dn: cn={4}kerberos,cn=schema,cn=config dn: cn={5}sshkey,cn=schema,cn=config dn: olcBackend={0}mdb,cn=config dn: olcDatabase={-1}frontend,cn=config dn: olcDatabase={0}config,cn=config dn: olcDatabase={1}mdb,cn=config ----------------
What do I have to put into the "searchbase"?
Replication of the object-DB is working. But I want the ACLs to be replicated too. Here is the ldif-file I used to set up the object-db replication --------------- dn: olcDatabase={1}mdb,cn=config changetype: modify add:olcSyncrepl olcSyncrepl: rid=000 provider=ldap://ldapserver.example.net type=refreshandpersist retry="60 10 120 5" searchbase="dc=example,dc=net" filter="(objectClass=*)" scope=sub schemachecking=off bindmethod=simple binddn="cn=admin,dc=example,dc=net" credentials=***** ---------------
thank's for any help
Stefan