The problem direction has the same syncrepl configuration as the working one except for the rid and provider name:
olcSyncrepl: {0} rid=102 provider="ldap://server2.prod:389/" type=refreshAndPersist retry="60 30 300 +" keepalive=1200:10:3 searchbase="dc=mydomain,dc=com" bindmethod=simple binddn="cn=replica,dc=mydomain,dc=com" credentials=xxxxxx starttls=critical tls_cacert="/etc/pki/CA/cacert.pem"
On the consumer side I am seeing these messages:
Sep 22 22:02:02 ldaprov1 slapd[15466]: do_syncrep2: rid=102 got search entry without Sync State control Sep 22 22:02:02 ldaprov1 slapd[15466]: do_syncrepl: rid=102 rc -1 retrying (29 retries left)
and on the provider side I am seeing these:
Sep 22 18:02:36 localhost slapd[20718]: conn=1071 fd=21 ACCEPT from IP=10.10.2.103:35671 (IP=0.0.0.0:389) Sep 22 18:02:36 localhost slapd[20718]: conn=1071 op=0 EXT oid=1.3.6.1.4.1.1466.20037 Sep 22 18:02:36 localhost slapd[20718]: conn=1071 op=0 STARTTLS Sep 22 18:02:36 localhost slapd[20718]: conn=1071 op=0 RESULT oid= err=0 text= Sep 22 18:02:36 localhost slapd[20718]: conn=1071 fd=21 TLS established tls_ssf=256 ssf=256 Sep 22 18:02:36 localhost slapd[20718]: conn=1071 op=1 BIND dn="cn=replica,dc=mydomain,dc=com" method=128 Sep 22 18:02:36 localhost slapd[20718]: conn=1071 op=1 BIND dn="cn=replica,dc=mydomain,dc=com" mech=SIMPLE ssf=0 Sep 22 18:02:36 localhost slapd[20718]: conn=1071 op=1 RESULT tag=97 err=0 text= Sep 22 18:02:36 localhost slapd[20718]: conn=1071 op=2 SRCH base="dc=mydomain,dc=com" scope=2 deref=0 filter="(objectClass=*)" Sep 22 18:02:36 localhost slapd[20718]: conn=1071 op=2 SRCH attr=* + Sep 22 18:02:36 localhost slapd[20718]: conn=1071 op=2 SEARCH RESULT tag=101 err=0 nentries=22 text= Sep 22 18:02:36 localhost slapd[20718]: conn=1071 op=3 UNBIND Sep 22 18:02:36 localhost slapd[20718]: conn=1071 fd=21 closed Sep 22 18:02:36 localhost slapd[20718]: connection_read(21): no connection! Sep 22 18:02:36 localhost slapd[20718]: connection_read(21): no connection! Sep 22 18:03:37 localhost slapd[20718]: conn=1072 fd=21 ACCEPT from IP=10.10.2.103:35672 (IP=0.0.0.0:389) Sep 22 18:03:37 localhost slapd[20718]: conn=1072 op=0 EXT oid=1.3.6.1.4.1.1466.20037 Sep 22 18:03:37 localhost slapd[20718]: conn=1072 op=0 STARTTLS Sep 22 18:03:37 localhost slapd[20718]: conn=1072 op=0 RESULT oid= err=0 text= Sep 22 18:03:37 localhost slapd[20718]: conn=1072 fd=21 TLS established tls_ssf=256 ssf=256 Sep 22 18:03:37 localhost slapd[20718]: conn=1072 op=1 BIND dn="cn=replica,dc=mydomain,dc=com" method=128 Sep 22 18:03:37 localhost slapd[20718]: conn=1072 op=1 BIND dn="cn=replica,dc=mydomain,dc=com" mech=SIMPLE ssf=0 Sep 22 18:03:37 localhost slapd[20718]: conn=1072 op=1 RESULT tag=97 err=0 text= Sep 22 18:03:37 localhost slapd[20718]: conn=1072 op=2 SRCH base="dc=mydomain,dc=com" scope=2 deref=0 filter="(objectClass=*)" Sep 22 18:03:37 localhost slapd[20718]: conn=1072 op=2 SRCH attr=* + Sep 22 18:03:37 localhost slapd[20718]: conn=1072 op=2 SEARCH RESULT tag=101 err=0 nentries=22 text= Sep 22 18:03:37 localhost slapd[20718]: conn=1072 op=3 UNBIND Sep 22 18:03:37 localhost slapd[20718]: conn=1072 fd=21 closed Sep 22 18:03:37 localhost slapd[20718]: connection_read(21): no connection! Sep 22 18:03:37 localhost slapd[20718]: connection_read(21): no connection!
The sync connection is supposed to be persistent but it keeps closing down and reconnecting.
Anyone know what could be the reason?
Thanks, Daniel