I am trying to create an OpenLDAP master/slave solution with syncrepl, but I have not been successful so far.
I followed the suggestions of this site, with another sync password:
https://www.itzgeek.com/how-tos/linux/configure-openldap-master-slave-replication.html
One thing I did differently: on the master server, I created the replication user with a userPassword: in SSHA format instead of clear text.
I have clear text (older OS), maybe that is it?
Additionally, I set, following the suggestion of another website:
olcDbIndex: entryUUID eq
olcDbIndex: entryCSN eq
Now, I can see with tcpdump that the slave server contacts the master server and that the master server sends replies, but no LDAP users are synchronized to the slave.
Maybe ACLs? You have to give your sync users access to everything. On the other hand, if you do not need these accounts on your slaves, it is safer not to have this copied ;)
Unfortunately, nothing about replication is logged to syslog, though I started slapd on both master and slave with options "-s Sync -c rid=001".
Change logging like this or so.
dn: cn=config
changetype: modify
replace: olcLogLevel
olcLogLevel: ber sync acl

dn: cn=config
changetype: modify
replace: olcLogLevel
olcLogLevel: ber sync acl stats
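Added example, not part of the original thread: one way to apply the ACL suggestion above on the master, so that the replication user can read every entry and attribute and is not cut off by search limits. The suffix dc=example,dc=com, the user cn=replicator,dc=example,dc=com and the database name olcDatabase={1}mdb are assumptions; substitute the values from your own cn=config.

```ldif
# Constructed example for the master (provider).
# Assumed names: suffix dc=example,dc=com,
#                replication user cn=replicator,dc=example,dc=com,
#                data database olcDatabase={1}mdb,cn=config.
# Load with ldapmodify against cn=config, for example over ldapi:/// with
# SASL EXTERNAL as root.
dn: olcDatabase={1}mdb,cn=config
changetype: modify
# Insert a rule at position 0 so it is evaluated before any existing rule
# (such as a userPassword rule that would hide that attribute from the
# replication user). "by * break" passes every other identity on to the
# rules that were already there, so their access is unchanged.
add: olcAccess
olcAccess: {0}to * by dn.exact="cn=replicator,dc=example,dc=com" read by * break
-
# Default size and time limits truncate the initial full refresh on larger
# directories; lift them for the replication user only.
add: olcLimits
olcLimits: dn.exact="cn=replicator,dc=example,dc=com" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited
```

The consumer only ever receives what this user is allowed to read, so a search on the master bound as the replication user shows exactly what can replicate. Read access to everything includes the password hashes, which is the trade-off mentioned in the reply above.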