I had configured openldap in master/slave for replication. It's work perfectly. It's replicated entries but one entry not replicated. I try to add that entry using ldapadd command in my slave server. That time I got the below error.
adding new entry "uid=test,ou=people,dc=example,dc=com" ldap_add: Server is unwilling to perform (53) additional info: shadow context; no update referral
On Thu, Oct 15, 2009 at 6:42 AM, Venish Khant venish@deeproot.co.in wrote:
I had configured openldap in master/slave for replication. It's work perfectly. It's replicated entries but one entry not replicated. I try to add that entry using ldapadd command in my slave server. That time I got the below error.
adding new entry "uid=test,ou=people,dc=example,dc=com" ldap_add: Server is unwilling to perform (53) additional info: shadow context; no update referral
-- Venish Khant www.deeproot.co.in
I'm not an expert on OpenLDAP but nobody has responded so I thought I'd share what I've learned.
If a server is a syncrepl slave you can't directly make changes (i.e. it is read only). I had similar problems with entries not getting synced. I'm using multi-master mode so I was able to fix it by doing it manually.
One thing you could try is running slapd with "-c rid=$RID" where $RID is the syncrepl rid. This forces a complete resync so make sure to not to leave it in your start scripts or you'll be resyncing everything you restart the server.
Matt Edlefsen Computing Services Earlham College
Matthew Edlefsen wrote:
On Thu, Oct 15, 2009 at 6:42 AM, Venish Khant venish@deeproot.co.in wrote:
I had configured openldap in master/slave for replication. It's work perfectly. It's replicated entries but one entry not replicated. I try to add that entry using ldapadd command in my slave server. That time I got the below error.
adding new entry "uid=test,ou=people,dc=example,dc=com" ldap_add: Server is unwilling to perform (53) additional info: shadow context; no update referral
-- Venish Khant www.deeproot.co.in
I'm not an expert on OpenLDAP but nobody has responded so I thought I'd share what I've learned.
If a server is a syncrepl slave you can't directly make changes (i.e. it is read only). I had similar problems with entries not getting synced. I'm using multi-master mode so I was able to fix it by doing it manually.
One thing you could try is running slapd with "-c rid=$RID" where $RID is the syncrepl rid. This forces a complete resync so make sure to not to leave it in your start scripts or you'll be resyncing everything you restart the server.
Matt Edlefsen Computing Services Earlham College
Hi,
adding 'updateref ldap://ldapmaster.domain.tld' into slapd.conf doesn't work? There are variations eg. ldaps://<host>:<port> - you get the idea.
Regards, Zdenek
openldap-technical@openldap.org
-
Matthew Edlefsen -
Venish Khant -
Zdenek Styblik