On Thu, 2015-01-01 at 23:17 +0100, Michael Ströder wrote:
Brendan Kearney wrote:
> On Thu, 2015-01-01 at 22:35 +0100, Michael Ströder wrote:
>> Brendan Kearney wrote:
>>> On Wed, 2014-12-31 at 13:50 -0800, Quanah Gibson-Mount wrote:
>>>> --On Wednesday, December 31, 2014 3:31 PM -0500 Brendan Kearney
>>>> <bpk678(a)gmail.com> wrote:
>>>>> /usr/sbin/slapd -u ldap -h "ldapi:/// ldap:///" -4 -d9
>>>>> olcServerID: 1 ldap://ldap1.bpk2.com
>>>>> olcServerID: 2 ldap://ldap2.bpk2.com
>>>>> not sure what is wrong. can someone point me in the right
>>>> Your -h argument clearly does not match anything in olcServerID. Seems
>>>> fairly clear to me, which is what the error message you received was
>>>> pointing out. ;)
>>> it's looking for cn=Subschema, which does not exist on the instance that
>>> won't start, does not exist on the MMR mirror instance, and cannot be
>>> added to the MMR mirror instance.
>>> 54a5a578 send_ldap_result: conn=-1 op=0 p=0
>>> 54a5a578 >>> dnNormalize: <cn=Subschema>
>>> 54a5a578 <<< dnNormalize: <cn=subschema>
>>> 54a5a578 read_config: no serverID / URL match found. Check slapd -h
>> Why don't you read Quanah's clear answer more carefully?
> because it is irrelevant.
> clearly, the above proves that the parameters i am using are not the
If you use LDAP URIs in server IDs this LDAP URI has to be used with -h.
But of course you're free to ignore advice.
But don't whine if you're ignored then.

slapd will by default serve ldap:/// (LDAP over TCP on all interfaces
on default LDAP port). That is, it will bind using
port 389. The -h option may be used to specify LDAP (and other scheme)
URLs to serve. For example, if slapd is
"ldap://127.0.0.1:9009/ ldaps:/// ldapi:///", it will listen on
127.0.0.1:9009 for LDAP, 0.0.0.0:636 for LDAP over TLS, and LDAP over
IPC (Unix domain sockets). Host 0.0.0.0 represents INADDR_ANY (any
interface). A space separated list of URLs is expected. The URLs
of the LDAP, LDAPS, or LDAPI schemes, and generally without a DN or
other optional parameters (excepting as discussed below). Support for
the latter two schemes depends on selected configuration options.
Hosts may be specified by name or IPv4 and IPv6 address
if specified, must be numeric. The default ldap:// port is 389 and the
default ldaps:// port is 636.

For LDAP over IPC, name is the name of the socket, and no port is
required, nor allowed; note that directory separators must be
like any other characters that are special to URLs; so the
must be specified as

The default location for the IPC socket is /var/run/ldapi

The listener permissions are indicated by "x-mod=-rwxrwxrwx",
"x-mod=0777" or "x-mod=777", where any of the "rwx" can be "-" to
suppress the related permission, while any of the "7" can be any legal
octal digit, according to chmod(1). The listeners can take advantage of
the "x-mod" extension to apply rough limitations to operations, e.g.
allow read operations ("r", which applies to search and compare), write
operations ("w", which applies to add, delete, modify and modrdn), and
execute operations ("x", which means bind is required).
missions apply to authenticated users, while "other" apply to anonymous
users; "group" permissions are ignored. For
"ldap:///????x-mod=-rw-------" means that read and write is only
allowed for authenticated connections, and bind is required for
tions. This feature is experimental, and requires to be manually
enabled at configure time.

serverID <integer> [<URL>]
Specify an integer ID from 0 to 4095 for this server (limited to 3
hexadecimal digits). The ID may also be specified as a hexadecimal ID
by prefixing the value with "0x". These IDs are required when using
multimaster replication and each master must have a unique ID. Note
that this requirement also applies to separate masters contributing to
a glued set of databases. If the URL is provided, this directive may be
specified multiple times, providing a complete list of participating
servers and their IDs. The fully qualified hostname of
should be used in the supplied URLs. The IDs are used in the "replica
id" field of all CSNs generated by the specified server.
value is zero. Example:

also, i did try that, as i put A, CNAME and IP values into the
ldap://<...>/ URL, and all three failed.
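
The rule stated in the thread, that an LDAP URI used in olcServerID also has to be passed to -h, can be checked before starting slapd. The following is an added example, not part of the original messages or of OpenLDAP; the function names are hypothetical, and the literal case-insensitive comparison is a simplifying assumption about how slapd matches the two.

```python
import shlex

def listener_urls(cmdline):
    """Return the URLs passed to slapd's -h option in a shell command line."""
    argv = shlex.split(cmdline)
    for i, arg in enumerate(argv):
        if arg == "-h" and i + 1 < len(argv):
            return argv[i + 1].split()      # space-separated list of URLs
        if arg.startswith("-h") and len(arg) > 2:
            return arg[2:].split()          # attached form: -hURL
    return ["ldap:///"]                     # default stated in the -h text

def parse_server_ids(values):
    """Parse olcServerID values of the form '<integer> [<URL>]'."""
    parsed = []
    for value in values:
        fields = value.split(None, 1)
        sid = int(fields[0], 0)             # decimal, or hex with "0x"
        if not 0 <= sid <= 4095:
            raise ValueError("serverID out of range 0..4095: %r" % value)
        parsed.append((sid, fields[1].strip() if len(fields) > 1 else None))
    return parsed

def matching_server_id(cmdline, server_id_values):
    """Return the ID whose URL also appears in -h, or None if none does.

    Assumption: a literal, case-insensitive comparison. slapd's own
    matching may accept more forms than this.
    """
    listeners = {url.lower() for url in listener_urls(cmdline)}
    for sid, url in parse_server_ids(server_id_values):
        if url is not None and url.lower() in listeners:
            return sid
    return None

# Values quoted in the thread.
SERVER_IDS = ["1 ldap://ldap1.bpk2.com", "2 ldap://ldap2.bpk2.com"]
FAILING = '/usr/sbin/slapd -u ldap -h "ldapi:/// ldap:///" -4 -d9'
# Constructed variant: same command with serverID 1's URL as a listener.
ADJUSTED = '/usr/sbin/slapd -u ldap -h "ldapi:/// ldap://ldap1.bpk2.com" -4 -d9'

if __name__ == "__main__":
    for cmd in (FAILING, ADJUSTED):
        print(cmd, "->", matching_server_id(cmd, SERVER_IDS))
```

A result of None corresponds to the "no serverID / URL match found" condition in the log above.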