Hi guys,
I have the following problem: I have two servers, ldap1 and ldap2, that I am trying to sync both ways using syncrepl. However, when I was entering 8 MB of data into ldap1 using ldapadd, the changes were not propagated to, or were not retrieved by, ldap2. What's worse is that ldap2's syncrepl gets a "Can't contact server" error. However, when doing an ldapsearch from the ldap2 terminal to ldap1, the results are displayed.
Additionally, I was doing an ldapsearch in ldap2 while the syncing was going on. Does this have any effect?
Below are the olcDatabase={2}bdb.ldif files from both ldap1 and ldap2.
dn: olcDatabase={2}bdb
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: {2}bdb
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcSyncUseSubentry: FALSE
olcMonitoring: TRUE
olcDbDirectory: /var/lib/ldap
olcDbCacheSize: 1000
olcDbCheckpoint: 1024 15
olcDbNoSync: FALSE
olcDbDirtyRead: FALSE
olcDbIDLcacheSize: 0
olcDbIndex: objectClass pres,eq
olcDbIndex: cn pres,eq,sub
olcDbIndex: uid pres,eq,sub
olcDbIndex: uidNumber pres,eq
olcDbIndex: gidNumber pres,eq
olcDbIndex: mail pres,eq,sub
olcDbIndex: ou pres,eq,sub
olcDbIndex: loginShell pres,eq
olcDbIndex: sn pres,eq,sub
olcDbIndex: givenName pres,eq,sub
olcDbIndex: memberUid pres,eq,sub
olcDbIndex: nisMapName pres,eq,sub
olcDbIndex: nisMapEntry pres,eq,sub
olcDbLinearIndex: FALSE
olcDbMode: 0600
olcDbSearchStack: 16
olcDbShmKey: 0
olcDbCacheFree: 1
olcDbDNcacheSize: 0
structuralObjectClass: olcBdbConfig
entryUUID: 3c9dde1a-f65f-1031-92f3-ef68fd07464c
creatorsName: cn=config
createTimestamp: 20130119083743Z
olcSuffix: dc=myorganization,dc=org
olcRootDN: cn=admin,dc=myorganization,dc=org
olcRootPW: password
olcAccess: {0}to attrs=employeeType by dn="cn=sssd,dc=myorganization,dc=org" read by self read by * none
olcAccess: {1}to attrs=userPassword,shadowLastChange by self write by anonymous auth by * none
olcAccess: {2}to dn.base="" by * none
olcAccess: {3}to * by dn="cn=config" write by dn="cn=sssd,dc=myorganization,dc=org" read by self write by * none
olcSyncrepl: {0}rid=001 provider=ldaps://ldap1.myorganization.orgbinddn="cn=admin,dc=myorganization,dc=org" bindmethod=simple credentials=password searchbase="dc=myorganization,dc=org" type=refreshOnly interval=00:00:05:00 retry="5 5 300 5" timeout=1
olcSyncRepl: {2}rid=002 provider=ldaps://ldap2.myorganization.orgbinddn="cn=admin,dc=myorganization,dc=org" bindmethod=simple credentials=password searchbase="dc=myorganization,dc=org" type=refreshOnly interval=00:00:05:00 retry="5 5 300 5" timeout=1
olcMirrorMode: TRUE
The ldap1 logs show nothing and the ldap2 logs display the following lines:
do_syncrep2: rid=001 (-1) Can't contact LDAP server
do_syncrepl: rid=001 rc -1 retrying (4 retries left)
I have tried rebooting both the servers but the problem persists.
I am using OpenLDAP v2.4.23 on a CentOS 6.3 VM.