Turbo Fredriksson wrote:
On Fri, 25 May 2012 12:46:50 +0100, Andrew Findlay wrote:
> In normal operation it should
> be enough to read the contextCSN attribute from the root of the
> replicated subtree on each server:
Ok, most of the servers are now upgraded, but unfortunatly there's
two that can't (for various reasons) not be upgraded at this time.
The sync seems to work quite nice between the 2.4.23 and the 2.3.43
However, the contextCSN missmatches and after examining, it's the
password policy object that won't sync...
The first three is 2.4 (paragon is the provider) and kelvin and
rambo is 2.3...
I've included the ppolicy.schema in all the servers, schemachecking=off
on the consumers but still no policy object...
ppolicy.schema only defines the user attributes. The operational attributes
are implemented in the ppolicy overlay. The overlay must be configured on
every server for the operational attributes to be replicated.
I do however, now when I look closer, get an error/warning in the
Jun 16 15:29:21 rambo slapd: syncrepl_message_to_entry: rid
444 mods check (pwdAttribute: value #0 invalid per syntax)
Jun 16 15:29:21 rambo slapd: do_syncrepl: rid 444 retrying
I tried to take ppolicy.schema from paragon (the original one was
version 18.104.22.168 and paragons is 22.214.171.124) but that didn't help.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/