Hi,
I (think I) have completely set up a master-slave replication.
The replication user can access from the slave (ldapsearch works).
Here is the config that I added on the slave:

dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcSyncRepl
olcSyncRepl: rid=001
  provider=ldaps://master:636/
  bindmethod=simple
  binddn="uid=repuser,dc=my,dc=domain,dc=hu"
  credentials=SECRET
  searchbase="dc=my,dc=domain,dc=hu"
  scope=sub
  schemachecking=on
  type=refreshAndPersist
  retry="30 5 300 3"
  interval=00:00:05:00
  tls_cacert=/etc/ldap/CAcert.pem
  tls_cert=/etc/ldap/slave_cert.pem
  tls_key=/etc/ldap/slave_key.pem
  tls_reqcert=demand

And now I found these lines in syslog:

Oct 10 17:36:40 open-ldap2 slapd[4640]: Entry (cn=admin,dc=my,dc=domain,dc=hu): object class 'simpleSecurityObject' requires attribute 'userPassword'
Oct 10 17:36:40 open-ldap2 slapd[4640]: null_callback : error code 0x41
Oct 10 17:36:40 open-ldap2 slapd[4640]: syncrepl_entry: rid=001 be_add cn=admin,dc=my,dc=domain,dc=hu failed (65)
Oct 10 17:36:41 open-ldap2 slapd[4640]: do_syncrepl: rid=001 rc 65 retrying (4 retries left)

I think this occurs because the cn=admin,dc=... user is a simpleSecurityObject, and couldn't access the userPassword from the ldapsearch - or not :).
Anyway - how can I solve this problem?
Thanks,
a.
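
The log lines from the post, correlated in an added example (not part of the original message): the script pairs each failed syncrepl write with the schema complaint logged for the same DN and lists the attributes the consumer never received. The function names are hypothetical, and reading a missing attribute as a hint to check what the syncrepl binddn may read on the provider is an assumption of this example.

```python
import re
from collections import defaultdict

# The four syslog records quoted in the post, one per line.
SAMPLE_LOG = """\
Oct 10 17:36:40 open-ldap2 slapd[4640]: Entry (cn=admin,dc=my,dc=domain,dc=hu): object class 'simpleSecurityObject' requires attribute 'userPassword'
Oct 10 17:36:40 open-ldap2 slapd[4640]: null_callback : error code 0x41
Oct 10 17:36:40 open-ldap2 slapd[4640]: syncrepl_entry: rid=001 be_add cn=admin,dc=my,dc=domain,dc=hu failed (65)
Oct 10 17:36:41 open-ldap2 slapd[4640]: do_syncrepl: rid=001 rc 65 retrying (4 retries left)
"""

# LDAP result codes from RFC 4511; 0x41 in the log is 65 decimal.
RESULT_CODES = {50: "insufficientAccessRights", 65: "objectClassViolation"}

MISSING = re.compile(r"Entry \((?P<dn>[^)]+)\): object class '(?P<oc>[^']+)' "
                     r"requires attribute '(?P<attr>[^']+)'")
FAILED = re.compile(r"syncrepl_entry: rid=(?P<rid>\d+) be_(?P<op>\w+) "
                    r"(?P<dn>.+?) failed \((?P<rc>\d+)\)")

def triage(log_text):
    """Pair each failed syncrepl write with the schema complaint for the same DN."""
    missing = defaultdict(set)  # lower-cased dn -> {(objectClass, attribute)}
    findings = []
    for line in log_text.splitlines():
        m = MISSING.search(line)
        if m:
            missing[m["dn"].lower()].add((m["oc"], m["attr"]))
            continue
        f = FAILED.search(line)
        if f:
            rc = int(f["rc"])
            findings.append({
                "rid": f["rid"], "op": f["op"], "dn": f["dn"], "rc": rc,
                "result": RESULT_CODES.get(rc, "unknown"),
                "missing": sorted(missing.pop(f["dn"].lower(), set())),
            })
    return findings

def attrs_to_check_on_provider(findings):
    """Attributes absent from replicated entries that failed the schema check (rc 65)."""
    return sorted({attr for f in findings if f["rc"] == 65 for _, attr in f["missing"]})

if __name__ == "__main__":
    results = triage(SAMPLE_LOG)
    for finding in results:
        print(finding)
    print("check provider read access for:", attrs_to_check_on_provider(results))
```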