On 14/10/2011 4:10 μμ, Hugo Deprez wrote:
I don't understand why it is failing as a single ldapsearch from the same server with the syncrepl user is working.
I had exactly the same problem.
Following directions from: http://blaoism.blogspot.com/2010/05/ldapsaslbinds-failed.html, I added tls_reqcert=never to syncrepl directives on the consumer, and this solved the problem.
You may want to see my case here: http://tools.lsc-project.org/issues/328
Here is my setup on the consumer:
# Consumer Sync syncrepl rid=333 provider=ldaps://ldap.example.com tls_reqcert=never type=refreshAndPersist retry="60 +" searchbase="dc=example,dc=com" schemachecking=off bindmethod=simple binddn="uid=dnsauthusr,ou=System,dc=example,dc=com" credentials="mypassword"
I hope that helps.
Nick