I have installed openldap on two machines and tried to setup multi-way replication.I am able to perform the multi-way replication (Add/Update/delete) when both the machines are up and ldap is running. But when my one machine goes down(server2) and records are added,deleted,modified on (server1) are not getting replicated on server2 when its is up and ldap service is running. **Below are the machine on which ldap is installed:** [root@localhost openldap]# cat /etc/*-release LSB_VERSION=base-4.0-amd64:base-4.0-noarch:core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch Red Hat Enterprise Linux Server release 6.4 (Santiago) Red Hat Enterprise Linux Server release 6.4 (Santiago) **Openldap version:** [root@localhost openldap]# slapd -V @(#) $OpenLDAP: slapd 2.4.23 (Oct 31 2012 08:14:14) $ mockbuild@x86-022.build.eng.bos.redhat.com:/builddir/build/BUILD /openldap-2.4.23/openldap-2.4.23/build-servers/servers/slapd **Below are the slapd.conf files from both the servers:** **1. Server1:** include /etc/openldap/schema/corba.schema include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/duaconf.schema include /etc/openldap/schema/dyngroup.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/java.schema include /etc/openldap/schema/misc.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/openldap.schema include /etc/openldap/schema/ppolicy.schema include /etc/openldap/schema/collective.schema include /etc/openldap/schema/sim-data-attributes.schema include /etc/openldap/schema/eps-pdn-attributes.schema include /etc/openldap/schema/SIMSubscription.schema include /etc/openldap/schema/EPSSubscription.schema include /etc/openldap/schema/PDNSubscriptionContexts.schema allow bind_v2 pidfile /var/run/openldap/slapd.pid argsfile /var/run/openldap/slapd.args modulepath /usr/lib64/openldap moduleload syncprov.la serverID 1 database config access to * by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage by * none database monitor access to * by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read by dn.exact="cn=Manager,dc=example,dc=com" read by * none database bdb suffix "dc=example,dc=com" checkpoint 1024 15 rootdn "cn=Manager,dc=example,dc=com" rootpw ******redacted****** sizelimit unlimited directory /var/lib/ldap index objectClass eq,pres index ou,cn,mail,surname,givenname eq,pres,sub index uidNumber,gidNumber,loginShell eq,pres index uid,memberUid eq,pres,sub index nisMapName,nisMapEntry eq,pres,sub overlay syncprov syncprov-checkpoint 100 10 syncprov-sessionlog 100 syncrepl rid=100 provider=ldap://172.16.101.60:389 type=refreshAndPersist retry="60 +" searchbase="dc=example,dc=com" scope=sub schemachecking=on bindmethod=simple binddn="cn=Manager,dc=example,dc=com" credentials=secret mirrormode on loglevel 16777 logfile /var/log/ldap.log **2. Server2:** [root@localhost openldap]# cat slapd.conf include /etc/openldap/schema/corba.schema include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/duaconf.schema include /etc/openldap/schema/dyngroup.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/java.schema include /etc/openldap/schema/misc.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/openldap.schema include /etc/openldap/schema/ppolicy.schema include /etc/openldap/schema/collective.schema include /etc/openldap/schema/sim-data-attributes.schema include /etc/openldap/schema/eps-pdn-attributes.schema include /etc/openldap/schema/SIMSubscription.schema include /etc/openldap/schema/EPSSubscription.schema include /etc/openldap/schema/PDNSubscriptionContexts.schema allow bind_v2 pidfile /var/run/openldap/slapd.pid argsfile /var/run/openldap/slapd.args modulepath /usr/lib64/openldap moduleload syncprov.la serverID 2 database config access to * by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage by * none database monitor access to * by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read by dn.exact="cn=Manager,dc=example,dc=com" read by * none database bdb suffix "dc=example,dc=com" checkpoint 1024 15 rootdn "cn=Manager,dc=example,dc=com" rootpw *****redacted***** sizelimit unlimited directory /var/lib/ldap index objectClass eq,pres index ou,cn,mail,surname,givenname eq,pres,sub index uidNumber,gidNumber,loginShell eq,pres index uid,memberUid eq,pres,sub index nisMapName,nisMapEntry eq,pres,sub overlay syncprov syncprov-checkpoint 100 10 syncprov-sessionlog 100 syncrepl rid=100 provider=ldap://172.16.101.36:389 type=refreshAndPersist retry="60 +" searchbase="dc=example,dc=com" scope=sub schemachecking=on bindmethod=simple binddn="cn=Manager,dc=example,dc=com" credentials=secret mirrormode on loglevel 393 logfile /var/log/ldap.log **On both the nodes the Syn log are enabled:** # Logging # - trace function calls (1) # - connection management (8) # - ACL processing (128) # - stats log connections/operations/results (256) # - LDAPSync replication (16384) # (1 + 8 + 128 + 256+ 16384)=16777 loglevel 16777 logfile /var/log/ldap.log **Below are the logs from both the servers** **Server2:** Apr 30 00:39:29 localhost slapd[5891]: daemon: removing 15 Apr 30 00:39:29 localhost slapd[5891]: conn=1001 fd=15 closed (slapd shutdown) Apr 30 00:39:29 localhost slapd[5891]: slapd shutdown: waiting for 0 operations/tasks to finish Apr 30 00:39:29 localhost slapd[5891]: slapd shutdown: initiated Apr 30 00:39:29 localhost slapd[5891]: ====> bdb_cache_release_all Apr 30 00:39:29 localhost slapd[5891]: slapd destroy: freeing system resources. Apr 30 00:39:29 localhost slapd[5891]: syncinfo_free: rid=100 Apr 30 00:39:29 localhost slapd[5891]: connection_get(13): got connid=0 Apr 30 00:39:29 localhost slapd[5891]: daemon: removing 13r Apr 30 00:39:29 localhost slapd[5891]: slapd stopped. **Server1:Trying to conncet to Server2 but since its stopped so failed** Apr 29 19:10:27 localhost slapd[28124]: =>do_syncrepl rid=100 Apr 29 19:10:27 localhost slapd[28124]: slap_client_connect: URI=ldap://172.16.101.60:389 DN="cn=manager,dc=example,dc=com" ldap_sasl_bind_s failed (-1) Apr 29 19:10:27 localhost slapd[28124]: do_syncrepl: rid=100 rc -1 retrying Apr 29 19:10:27 localhost slapd[28124]: daemon: activity on 1 descriptor Apr 29 19:10:27 localhost slapd[28124]: daemon: activity on: **Server1:Adding new entry** Apr 29 19:12:11 localhost slapd[28124]: op tag 0x68, time 1430314931 Apr 29 19:12:11 localhost slapd[28124]: conn=1001 op=15 do_add Apr 29 19:12:11 localhost slapd[28124]: => get_ctrls Apr 29 19:12:11 localhost slapd[28124]: => get_ctrls: oid="2.16.840.1.113730.3.4.2" (noncritical) Apr 29 19:12:11 localhost slapd[28124]: <= get_ctrls: n=1 rc=0 err="" Apr 29 19:12:11 localhost slapd[28124]: >>> dnPrettyNormal: Apr 29 19:12:11 localhost slapd[28124]: <<< dnPrettyNormal: , Apr 29 19:12:11 localhost slapd[28124]: conn=1001 op=15 ADD dn="IMSI=123,dc=example,dc=com" Apr 29 19:12:11 localhost slapd[28124]: oc_check_required entry (IMSI=123,dc=example,dc=com), objectClass "SIMSubscription" Apr 29 19:12:11 localhost slapd[28124]: oc_check_allowed type "IMSI" Apr 29 19:12:11 localhost slapd[28124]: oc_check_allowed type "objectClass" Apr 29 19:12:11 localhost slapd[28124]: oc_check_allowed type "structuralObjectClass" Apr 29 19:12:11 localhost slapd[28124]: slap_queue_csn: queing 0x7fc1c7ffe030 20150429134211.927786Z#000000#001#000000 Apr 29 19:12:11 localhost slapd[28124]: bdb_dn2entry("IMSI=123,dc=example,dc=com") Apr 29 19:12:11 localhost slapd[28124]: => bdb_dn2id("IMSI=123,dc=example,dc=com") Apr 29 19:12:11 localhost slapd[28124]: <= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30988) Apr 29 19:12:11 localhost slapd[28124]: => access_allowed: add access to "dc=example,dc=com" "children" requested Apr 29 19:12:11 localhost slapd[28124]: <= root access granted Apr 29 19:12:11 localhost slapd[28124]: => access_allowed: add access granted by manage(=mwrscxd) Apr 29 19:12:11 localhost slapd[28124]: => access_allowed: add access to "IMSI=123,dc=example,dc=com" "entry" requested Apr 29 19:12:11 localhost slapd[28124]: <= root access granted Apr 29 19:12:11 localhost slapd[28124]: => access_allowed: add access granted by manage(=mwrscxd) Apr 29 19:12:11 localhost slapd[28124]: => bdb_dn2id_add 0x5a: "IMSI=123,dc=example,dc=com" Apr 29 19:12:11 localhost slapd[28124]: <= bdb_dn2id_add 0x5a: 0 Apr 29 19:12:11 localhost slapd[28124]: => index_entry_add( 90, "IMSI=123,dc=example,dc=com" ) Apr 29 19:12:11 localhost slapd[28124]: => key_change(ADD,5a) Apr 29 19:12:11 localhost slapd[28124]: <= key_change 0 Apr 29 19:12:11 localhost slapd[28124]: => key_change(ADD,5a) Apr 29 19:12:11 localhost slapd[28124]: <= key_change 0 Apr 29 19:12:11 localhost slapd[28124]: => key_change(ADD,5a) Apr 29 19:12:11 localhost slapd[28124]: <= key_change 0 Apr 29 19:12:11 localhost slapd[28124]: <= index_entry_add( 90, "IMSI=123,dc=example,dc=com" ) success Apr 29 19:12:11 localhost slapd[28124]: daemon: activity on 1 descriptor Apr 29 19:12:11 localhost slapd[28124]: daemon: activity on: Apr 29 19:12:11 localhost slapd[28124]: Apr 29 19:12:11 localhost slapd[28124]: daemon: epoll: listen=7 active_threads=0 tvp=zero Apr 29 19:12:11 localhost slapd[28124]: daemon: epoll: listen=8 active_threads=0 tvp=zero Apr 29 19:12:11 localhost slapd[28124]: daemon: epoll: listen=9 active_threads=0 tvp=zero Apr 29 19:12:11 localhost slapd[28124]: => entry_encode(0x0000005a): IMSI=123,dc=example,dc=com Apr 29 19:12:11 localhost slapd[28124]: <= entry_encode(0x0000005a): IMSI=123,dc=example,dc=com **Server1:After starting the server 2 Server 1 was able to communicate with server2** Apr 29 19:12:52 localhost slapd[28124]: daemon: added 14r (active) listener=(nil) Apr 29 19:12:52 localhost slapd[28124]: conn=1002 fd=14 ACCEPT from IP=172.16.101.60:42695 (IP=0.0.0.0:389) Apr 29 19:12:52 localhost slapd[28124]: daemon: activity on 2 descriptors Apr 29 19:12:52 localhost slapd[28124]: daemon: activity on: Apr 29 19:12:52 localhost slapd[28124]: 14r Apr 29 19:12:52 localhost slapd[28124]: Apr 29 19:12:52 localhost slapd[28124]: daemon: read active on 14 Apr 29 19:12:52 localhost slapd[28124]: daemon: epoll: listen=7 active_threads=0 tvp=zero Apr 29 19:12:52 localhost slapd[28124]: daemon: epoll: listen=8 active_threads=0 tvp=zero Apr 29 19:12:52 localhost slapd[28124]: daemon: epoll: listen=9 active_threads=0 tvp=zero Apr 29 19:12:52 localhost slapd[28124]: connection_get(14): got connid=1002 Apr 29 19:12:52 localhost slapd[28124]: connection_read(14): checking for input on id=1002 Apr 29 19:12:52 localhost slapd[28124]: op tag 0x60, time 1430314972 Apr 29 19:12:52 localhost slapd[28124]: conn=1002 op=0 do_bind Apr 29 19:12:52 localhost slapd[28124]: >>> dnPrettyNormal: Apr 29 19:12:52 localhost slapd[28124]: <<< dnPrettyNormal: , Apr 29 19:12:52 localhost slapd[28124]: conn=1002 op=0 BIND dn="cn=manager,dc=example,dc=com" method=128 Apr 29 19:12:52 localhost slapd[28124]: do_bind: version=3 dn="cn=manager,dc=example,dc=com" method=128 Apr 29 19:12:52 localhost slapd[28124]: conn=1002 op=0 BIND dn="cn=manager,dc=example,dc=com" mech=SIMPLE ssf=0 Apr 29 19:12:52 localhost slapd[28124]: do_bind: v3 bind: "cn=manager,dc=example,dc=com" to "cn=manager,dc=example,dc=com" Apr 29 19:12:52 localhost slapd[28124]: send_ldap_result: conn=1002 op=0 p=3 Apr 29 19:12:52 localhost slapd[28124]: send_ldap_response: msgid=1 tag=97 err=0 Apr 29 19:12:52 localhost slapd[28124]: conn=1002 op=0 RESULT tag=97 err=0 text= Apr 29 19:12:52 localhost slapd[28124]: daemon: activity on 2 descriptors Apr 29 19:12:52 localhost slapd[28124]: daemon: activity on: Apr 29 19:12:52 localhost slapd[28124]: 14r Apr 29 19:12:52 localhost slapd[28124]: Apr 29 19:12:52 localhost slapd[28124]: daemon: read active on 14 Apr 29 19:12:52 localhost slapd[28124]: daemon: epoll: listen=7 active_threads=0 tvp=zero Apr 29 19:12:52 localhost slapd[28124]: daemon: epoll: listen=8 active_threads=0 tvp=zero Apr 29 19:12:52 localhost slapd[28124]: daemon: epoll: listen=9 active_threads=0 tvp=zero Apr 29 19:12:52 localhost slapd[28124]: connection_get(14): got connid=1002 Apr 29 19:12:52 localhost slapd[28124]: connection_read(14): checking for input on id=1002 Apr 29 19:12:52 localhost slapd[28124]: op tag 0x63, time 1430314972 Apr 29 19:12:52 localhost slapd[28124]: conn=1002 op=1 do_search Apr 29 19:12:52 localhost slapd[28124]: >>> dnPrettyNormal: Apr 29 19:12:52 localhost slapd[28124]: <<< dnPrettyNormal: , Apr 29 19:12:52 localhost slapd[28124]: => get_ctrls Apr 29 19:12:52 localhost slapd[28124]: => get_ctrls: oid="1.3.6.1.4.1.4203.1.9.1.1" (noncritical) Apr 29 19:12:52 localhost slapd[28124]: => get_ctrls: oid="2.16.840.1.113730.3.4.2" (critical) Apr 29 19:12:52 localhost slapd[28124]: <= get_ctrls: n=2 rc=0 err="" **Server2:After server 2 was started it was also able to communicate with server1 but the replication did not happened** Apr 30 00:43:30 localhost slapd[6070]: >>> slap_listener(ldap:///) Apr 30 00:43:30 localhost slapd[6070]: daemon: listen=7, new connection on 14 Apr 30 00:43:30 localhost slapd[6070]: daemon: added 14r (active) listener=(nil) Apr 30 00:43:30 localhost slapd[6070]: conn=1000 fd=14 ACCEPT from IP=172.16.101.36:46102 (IP=0.0.0.0:389) Apr 30 00:43:30 localhost slapd[6070]: daemon: activity on 2 descriptors Apr 30 00:43:30 localhost slapd[6070]: daemon: activity on: Apr 30 00:43:30 localhost slapd[6070]: 14r Apr 30 00:43:30 localhost slapd[6070]: Apr 30 00:43:30 localhost slapd[6070]: daemon: read active on 14 Apr 30 00:43:30 localhost slapd[6070]: daemon: epoll: listen=7 active_threads=0 tvp=zero Apr 30 00:43:30 localhost slapd[6070]: daemon: epoll: listen=8 active_threads=0 tvp=zero Apr 30 00:43:30 localhost slapd[6070]: daemon: epoll: listen=9 active_threads=0 tvp=zero Apr 30 00:43:30 localhost slapd[6070]: connection_get(14): got connid=1000 Apr 30 00:43:30 localhost slapd[6070]: connection_read(14): checking for input on id=1000 Apr 30 00:43:30 localhost slapd[6070]: op tag 0x60, time 1430334810 Apr 30 00:43:30 localhost slapd[6070]: conn=1000 op=0 do_bind Apr 30 00:43:30 localhost slapd[6070]: >>> dnPrettyNormal: Apr 30 00:43:30 localhost slapd[6070]: <<< dnPrettyNormal: , Apr 30 00:43:30 localhost slapd[6070]: conn=1000 op=0 BIND dn="cn=manager,dc=example,dc=com" method=128 Apr 30 00:43:30 localhost slapd[6070]: do_bind: version=3 dn="cn=manager,dc=example,dc=com" method=128 Apr 30 00:43:30 localhost slapd[6070]: conn=1000 op=0 BIND dn="cn=manager,dc=example,dc=com" mech=SIMPLE ssf=0 Apr 30 00:43:30 localhost slapd[6070]: do_bind: v3 bind: "cn=manager,dc=example,dc=com" to "cn=manager,dc=example,dc=com" Apr 30 00:43:30 localhost slapd[6070]: send_ldap_result: conn=1000 op=0 p=3 Apr 30 00:43:30 localhost slapd[6070]: send_ldap_response: msgid=1 tag=97 err=0 Apr 30 00:43:30 localhost slapd[6070]: conn=1000 op=0 RESULT tag=97 err=0 text= Apr 30 00:43:30 localhost slapd[6070]: daemon: activity on 1 descriptor Apr 30 00:43:30 localhost slapd[6070]: daemon: activity on: Apr 30 00:43:30 localhost slapd[6070]: Apr 30 00:43:30 localhost slapd[6070]: daemon: epoll: listen=7 active_threads=0 tvp=zero Apr 30 00:43:30 localhost slapd[6070]: daemon: epoll: listen=8 active_threads=0 tvp=zero Apr 30 00:43:30 localhost slapd[6070]: daemon: epoll: listen=9 active_threads=0 tvp=zero Apr 30 00:43:30 localhost slapd[6070]: daemon: activity on 1 descriptor Apr 30 00:43:30 localhost slapd[6070]: daemon: activity on: Apr 30 00:43:30 localhost slapd[6070]: 14r Apr 30 00:43:30 localhost slapd[6070]: Apr 30 00:43:30 localhost slapd[6070]: daemon: read active on 14 Apr 30 00:43:30 localhost slapd[6070]: daemon: epoll: listen=7 active_threads=0 tvp=zero Apr 30 00:43:30 localhost slapd[6070]: daemon: epoll: listen=8 active_threads=0 tvp=zero Apr 30 00:43:30 localhost slapd[6070]: daemon: epoll: listen=9 active_threads=0 tvp=zero Apr 30 00:43:30 localhost slapd[6070]: connection_get(14): got connid=1000 Apr 30 00:43:30 localhost slapd[6070]: connection_read(14): checking for input on id=1000 Apr 30 00:43:30 localhost slapd[6070]: op tag 0x63, time 1430334810 Apr 30 00:43:30 localhost slapd[6070]: conn=1000 op=1 do_search