So
I have started with a blank db
+++
dn: cn=config
objectClass: olcGlobal
cn: config
olcConfigFile: /etc/openldap/slapd.conf.bak
olcConfigDir: /etc/openldap/slapd.d
olcAllows: bind_v2
olcArgsFile: /var/run/openldap/slapd.args
olcAttributeOptions: lang-
olcAuthzPolicy: none
olcConcurrency: 0
olcConnMaxPending: 100
olcConnMaxPendingAuth: 1000
olcGentleHUP: FALSE
olcIdleTimeout: 0
olcIndexSubstrIfMaxLen: 4
olcIndexSubstrIfMinLen: 2
olcIndexSubstrAnyLen: 4
olcIndexSubstrAnyStep: 2
olcIndexIntLen: 4
olcLocalSSF: 71
olcPidFile: /var/run/openldap/slapd.pid
olcReadOnly: FALSE
olcReverseLookup: FALSE
olcSaslSecProps: noplain,noanonymous
olcSockbufMaxIncoming: 262143
olcSockbufMaxIncomingAuth: 16777215
olcThreads: 16
olcTLSVerifyClient: never
olcToolThreads: 1
olcWriteTimeout: 0
structuralObjectClass: olcGlobal
olcLogFile: /var/log/slapd/slapd-err.log
olcLogLevel: stats config

+++
dn: olcDatabase={0}config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAddContentAcl: TRUE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=config
olcSyncUseSubentry: FALSE
olcMonitoring: FALSE
structuralObjectClass: olcDatabaseConfig
olcRootPW: XXXXXX
olcAccess: {0}to * by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage by dn.exact="cn=Alexander Samad, dc=com" manage by * read
+++
Not sure why the doco wants olcServerID set here and later VVVVV
+++
dn: cn=config
changetype: modify
replace: olcServerID
olcServerID: 2

dn: olcDatabase={0}config,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: xx
-
replace: olcRootDN
olcRootDN: cn=config
+++
dn: cn=module{0},cn=config
changetype: add
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib64/openldap/

dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: auditlog.la

dn: olcOverlay=auditlog,olcDatabase={0}config,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcAuditLogConfig
olcOverlay: auditlog
olcAuditlogFile: /var/log/slapd/auditlog-db0.ldif

dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: syncprov.la
+++++
dn: cn=config
changetype: modify
replace: olcServerID
olcServerID: 1 ldap://alcldap1.com
olcServerID: 2 ldap://gsldap1.com

dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov

dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcSyncRepl
olcSyncRepl: rid=001 provider=ldap://alcldap1.com binddn="cn=config" bindmethod=simple credentials=xx searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1
olcSyncRepl: rid=002 provider=ldap://gsldap1.com binddn="cn=config" bindmethod=simple credentials=xx searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1
-
add: olcMirrorMode
olcMirrorMode: TRUE

Mar 7 16:40:14 gsldap1 slapd[29068]: do_syncrep2: rid=001 got empty syncUUID with LDAP_SYNC_ADD
Mar 7 16:40:14 gsldap1 slapd[29068]: do_syncrepl: rid=001 rc -1 retrying (4 retries left)
But I don't see anything on the alcldap1 server
/usr/sbin/slapd -h ldap://alcldap1.com/ ldapi:/// -u ldap
/usr/sbin/slapd -h ldap://gsldap1.com/ ldapi:/// -u ldap
I have done ldapsearch tests on both machines to each other no problem... I haven't setup ALC for the userid as it's the rootDN and rootPW ?
openldap-2.4.23-32.el6_4.1
any one ?
Alex
-----Original Message-----
From: openldap-technical-bounces@OpenLDAP.org [mailto:openldap-technical-bounces@OpenLDAP.org] On Behalf Of Alex Samad - Yieldbroker
Sent: Friday, 7 March 2014 10:15 AM
To: openldap-technical@openldap.org
Subject: Help with trying to setup RE: Issues with setting up multiple master
Hi
Any one got any hints at what I can look at to fix this ?
Alex
-----Original Message-----
From: Alex Samad - Yieldbroker
Sent: Wednesday, 5 March 2014 4:11 PM
To: 'openldap-technical@openldap.org'
Subject: Issues with setting up multiple master
Hi
So I am setting up multi master following the steps here http://www.openldap.org/doc/admin24/replication.html 18.3.3
I have 2 nodes and not 3.
I did this on the master

dn: cn=config
objectClass: olcGlobal
cn: config
olcServerID: 1

dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcRootPW: secret

and on the 2nd

dn: cn=config
objectClass: olcGlobal
cn: config
olcServerID: 2

dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcRootPW: secret
I used a different password on each site . changed it to the same password no
I did this
dn: cn=config
changetype: modify
replace: olcServerID
olcServerID: 1 $URI1
olcServerID: 2 $URI2

dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov

dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcSyncRepl
olcSyncRepl: rid=001 provider=$URI1 binddn="cn=config" bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1
olcSyncRepl: rid=002 provider=$URI2 binddn="cn=config" bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1
-
add: olcMirrorMode
olcMirrorMode: TRUE
I am wondering why I did

dn: cn=config
objectClass: olcGlobal
cn: config
olcServerID: 2
if I am just going to do this
dn: cn=config
changetype: modify
replace: olcServerID
olcServerID: 1 $URI1
olcServerID: 2 $URI2
This is what I get on the second node

Mar 5 16:08:09 alcldap1 slapd[21296]: do_syncrep2: rid=001 got empty syncUUID with LDAP_SYNC_ADD
Mar 5 16:08:09 alcldap1 slapd[21296]: do_syncrepl: rid=001 rc -1 retrying (4 retries left)
Mar 5 16:08:14 alcldap1 slapd[21296]: do_syncrep2: rid=001 got empty syncUUID with LDAP_SYNC_ADD
Mar 5 16:08:14 alcldap1 slapd[21296]: do_syncrepl: rid=001 rc -1 retrying (4 retries left)
Mar 5 16:08:19 alcldap1 slapd[21296]: do_syncrep2: rid=001 got empty syncUUID with LDAP_SYNC_ADD

And on the first node

Mar 5 16:09:27 gsldap1 slapd[11028]: do_syncrep2: rid=002 got empty syncUUID with LDAP_SYNC_ADD x
Mar 5 16:09:27 gsldap1 slapd[11028]: do_syncrepl: rid=002 rc -1 retrying (4 retries left) x
I have done manual ldapsearch from both boxes to the other boxes with the credentials and it works
So now I am stuck. Had a quick google, but couldn't find anything relevant.
Help :)
Oh I started with info in the db's already. Just a rsync ...
Alex
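
As an added example (not part of the original posts and not OpenLDAP project code): a small Python check over the olcServerID and olcSyncRepl values posted in this thread. It parses each olcSyncRepl value, confirms every provider URI also appears in olcServerID, and flags simple binds of the config rootDN that are not protected by ldaps:// or starttls=critical. The function names and finding labels are hypothetical, and the input is constructed from the values in the thread.

```python
import shlex
from urllib.parse import urlsplit

# Constructed input: the olcServerID and olcSyncRepl values as posted in the
# thread ("xx" is the thread's own redacted credential).
SERVER_IDS = ["1 ldap://alcldap1.com", "2 ldap://gsldap1.com"]
COMMON = ('binddn="cn=config" bindmethod=simple credentials=xx '
          'searchbase="cn=config" type=refreshAndPersist '
          'retry="5 5 300 5" timeout=1')
SYNCREPL = [f"rid=001 provider=ldap://alcldap1.com {COMMON}",
            f"rid=002 provider=ldap://gsldap1.com {COMMON}"]


def parse_syncrepl(value):
    """Split one olcSyncRepl value into a dict, honouring quoted values."""
    params = {}
    for token in shlex.split(value):
        key, sep, val = token.partition("=")
        if not sep:
            raise ValueError(f"not a key=value pair: {token!r}")
        params[key.lower()] = val
    return params


def lint(server_ids, syncrepl_values):
    """Return (rid, finding) tuples; finding labels are hypothetical names."""
    # A bare "olcServerID: 2" carries no URI, so it contributes nothing here.
    urls = (sid.partition(" ")[2].strip() for sid in server_ids)
    known = {u.rstrip("/") for u in urls if u}
    findings = []
    for value in syncrepl_values:
        cfg = parse_syncrepl(value)
        rid, provider = cfg.get("rid", "?"), cfg.get("provider", "")
        if provider.rstrip("/") not in known:
            findings.append((rid, "provider-not-in-olcServerID"))
        # ldaps:// is TLS from the first byte; on ldap:// only starttls=critical
        # aborts the session when TLS cannot be negotiated before the bind.
        protected = (urlsplit(provider).scheme == "ldaps"
                     or cfg.get("starttls") == "critical")
        if cfg.get("bindmethod") == "simple" and not protected:
            findings.append((rid, "simple-bind-without-tls"))
    return findings


if __name__ == "__main__":
    for rid, finding in lint(SERVER_IDS, SYNCREPL):
        print(f"rid={rid}: {finding}")
```

These checks cover configuration consistency and credential exposure on the wire only; they do not explain the "got empty syncUUID" messages in the logs above.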