On Thu, 2015-01-01 at 23:17 +0100, Michael Ströder wrote:
Brendan Kearney wrote:
On Thu, 2015-01-01 at 22:35 +0100, Michael Ströder wrote:
Brendan Kearney wrote:
On Wed, 2014-12-31 at 13:50 -0800, Quanah Gibson-Mount wrote:
--On Wednesday, December 31, 2014 3:31 PM -0500 Brendan Kearney bpk678@gmail.com wrote:
/usr/sbin/slapd -u ldap -h "ldapi:/// ldap:///" -4 -d9
olcServerID: 1 ldap://ldap1.bpk2.com
olcServerID: 2 ldap://ldap2.bpk2.com
not sure what is wrong. can someone point me in the right direction?
Your -h argument clearly does not match anything in olcServerID. Seems fairly clear to me, which is what the error message you received was pointing out. ;)
it's looking for cn=Subschema, which does not exist on the instance that won't start, does not exist on the MMR mirror instance, and cannot be added to the MMR mirror instance.
54a5a578 send_ldap_result: conn=-1 op=0 p=0
54a5a578 >>> dnNormalize: <cn=Subschema>
54a5a578 <<< dnNormalize: <cn=subschema>
54a5a578 read_config: no serverID / URL match found. Check slapd -h arguments.
Why don't you read Quanah's clear answer more carefully?
because it is irrelevant.
clearly, the above proves that the parameters i am using are not the problem.
You're wrong: If you use LDAP URIs in server IDs this LDAP URI has to be used with -h.
But of course you're free to ignore advice. But don't whine if you're ignored then.
Ciao, Michael.
stated where?
-h URLlist slapd will by default serve ldap:/// (LDAP over TCP on all interfaces on default LDAP port). That is, it will bind using INADDR_ANY and port 389. The -h option may be used to specify LDAP (and other scheme) URLs to serve. For example, if slapd is given -h "ldap://127.0.0.1:9009/ ldaps:/// ldapi:///", it will listen on 127.0.0.1:9009 for LDAP, 0.0.0.0:636 for LDAP over TLS, and LDAP over IPC (Unix domain sockets). Host 0.0.0.0 represents INADDR_ANY (any interface). A space separated list of URLs is expected. The URLs should be of the LDAP, LDAPS, or LDAPI schemes, and generally without a DN or other optional parameters (excepting as discussed below). Support for the latter two schemes depends on selected configuration options. Hosts may be specified by name or IPv4 and IPv6 address formats. Ports, if specified, must be numeric. The default ldap:// port is 389 and the default ldaps:// port is 636.
For LDAP over IPC, name is the name of the socket, and no port is required, nor allowed; note that directory separators must be URL-encoded, like any other characters that are special to URLs; so the socket
/usr/local/var/ldapi
must be specified as
ldapi://%2Fusr%2Flocal%2Fvar%2Fldapi
The default location for the IPC socket is /var/run/ldapi
The listener permissions are indicated by "x-mod=-rwxrwxrwx", "x-mod=0777" or "x-mod=777", where any of the "rwx" can be "-" to suppress the related permission, while any of the "7" can be any legal octal digit, according to chmod(1). The listeners can take advantage of the "x-mod" extension to apply rough limitations to operations, e.g. allow read operations ("r", which applies to search and compare), write operations ("w", which applies to add, delete, modify and modrdn), and execute operations ("x", which means bind is required). "User" permissions apply to authenticated users, while "other" apply to anonymous users; "group" permissions are ignored. For example, "ldap:///????x-mod=-rw-------" means that read and write is only allowed for authenticated connections, and bind is required for all operations. This feature is experimental, and requires to be manually enabled at configure time.
serverID <integer> [<URL>] Specify an integer ID from 0 to 4095 for this server (limited to 3 hexadecimal digits). The ID may also be specified as a hexadecimal ID by prefixing the value with "0x". These IDs are required when using multimaster replication and each master must have a unique ID. Note that this requirement also applies to separate masters contributing to a glued set of databases. If the URL is provided, this directive may be specified multiple times, providing a complete list of participating servers and their IDs. The fully qualified hostname of each server should be used in the supplied URLs. The IDs are used in the "replica id" field of all CSNs generated by the specified server. The default value is zero. Example:
serverID 1
also, i did try that, as i put A, CNAME and IP values into the ldap://<...>/ URL, and all three failed.
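
An added example, not part of the thread and not OpenLDAP code: a pre-flight check that normalises the `-h` URL list using the defaults quoted from the man page above and reports which serverID URLs name one of those listeners, following the rule stated in the thread that the serverID URI has to be used with `-h`. The function names and the normalised comparison are assumptions of this sketch; slapd's own matching may differ.

```python
from urllib.parse import urlsplit, unquote

DEFAULT_PORT = {"ldap": 389, "ldaps": 636}  # defaults given in the man page text
DEFAULT_IPC_SOCKET = "/var/run/ldapi"       # default IPC socket per the man page text


def parse_listener(url):
    """Normalise one slapd -h or serverID URL to (scheme, address, port)."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme == "ldapi":
        # The socket path sits URL-encoded in the host position; no port allowed.
        if ":" in parts.netloc:
            raise ValueError(f"ldapi URL must not carry a port: {url}")
        return (scheme, unquote(parts.netloc) or DEFAULT_IPC_SOCKET, None)
    if scheme not in DEFAULT_PORT:
        raise ValueError(f"unsupported scheme in {url}")
    host = (parts.hostname or "0.0.0.0").lower()  # empty host means INADDR_ANY
    port = parts.port or DEFAULT_PORT[scheme]     # .port raises if not numeric
    return (scheme, host, port)


def check_server_ids(h_arg, server_ids):
    """Map each serverID to True when its URL names a listener in the -h list."""
    listeners = {parse_listener(u) for u in h_arg.split()}
    return {sid: parse_listener(url) in listeners
            for sid, url in server_ids.items()}


if __name__ == "__main__":
    # serverID values and -h list as posted in the thread.
    ids = {1: "ldap://ldap1.bpk2.com", 2: "ldap://ldap2.bpk2.com"}
    print(check_server_ids("ldapi:/// ldap:///", ids))
    # Constructed variant: the listener list names this host's serverID URL.
    print(check_server_ids("ldapi:/// ldap://ldap1.bpk2.com", ids))
```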