Hello,
This is my first post to this list and unfortunately I come here with a
problem. I'm not new to LDAP but I am new to OpenLDAP especially the 2.4
release.
I am trying to get multi master replication working and I've read the
documentation several times. I did wonder if this might be a bug but I
still think it's probably a misunderstanding on my part.
I have 2 servers configured for multi master replication which I will refer
to as server A and B. If I start both servers I can make changes on server
A which are immediately replicated to server B. However if I then start
making changes to server B I don't see replication back to A. The same
thing happens if I initiate replication from B, then replication to A works
but not the other way around. i.e. replication only works in 1 direction
which is determined by which server I make changes on first. I am using
slapd.conf as I didn't want to complicate matters by introducing online
config. The specific version is 2.4.31. Connectivity between the servers is
working fine - I can perform LDAP operations in both directions.
If someone could take a look at my config I'd much appreciate it.
Thanks
Neil
#slapd.conf Server A (10.5.1.110)
# Layout note: leading whitespace was lost when this listing was archived. In a
# real slapd.conf the "by ..." clauses and the syncrepl parameters are
# continuation lines and must begin with whitespace. The lone "include" and
# "index" lines below are presumably mail-client wraps of single lines.
# NOTE(review): no TLS or "security"/"require" directives are visible in this
# listing, and the file holds a cleartext replication password, so it should be
# readable only by the account slapd runs as.
pidfile /usr/local/openldap/var/run/slapd.pid
argsfile /usr/local/openldap/var/run/slapd.args
include /usr/local/openldap/etc/schema/core.schema
include /usr/local/openldap/etc/schema/cosine.schema
include /usr/local/openldap/etc/schema/solaris.schema
include /usr/local/openldap/etc/schema/inetorgperson.schema
include
/usr/local/openldap/etc/schema/DUAConfigProfile.schema
include /usr/local/openldap/etc/schema/sudo.schema
modulepath /usr/local/openldap/libexec
# syncprov is the provider-side overlay for syncrepl; it is attached to the
# database near the end of this listing.
moduleload syncprov.la
# NOTE(review): slapd stops at the first "by" clause that matches, and
# "by * auth" matches every identity. The ldapclient "write" clause after it is
# therefore never reached; a specific DN has to be listed before "by *".
access to attrs=userPassword
by self write
by * auth
by dn="cn=ldapclient,ou=profile,dc=example,dc=com" write
# The root DSE is readable by everyone, including unauthenticated clients.
access to dn.base=""
by * read
# NOTE(review): "by anonymous read" lets unauthenticated clients read every
# entry and attribute not covered by the rules above (everything except
# userPassword). With the sudo and solaris schemas loaded this presumably
# includes sudo rules and account data - confirm that is intended.
access to *
by self write
by users read
by anonymous read
# serverID must differ on each master; here A is 1.
# NOTE(review): multi-master conflict resolution relies on timestamp-based
# entryCSN values, so both hosts need closely synchronised clocks - verify.
serverID 1
database hdb
suffix "dc=example,dc=com"
rootdn "cn=Manager,dc=example,dc=com"
# NOTE(review): {SSHA} is salted SHA-1, which is cheap to guess offline. If this
# is the deployed value rather than a sample, treat it as exposed by this
# posting and rotate it.
rootpw {SSHA}pnqaqMcoMhnDbSRa9WAgDbhBMr/QnUGY
lastmod on
directory /usr/local/openldap/var/openldap-data
# Equality indexes on entryCSN and entryUUID serve the searches syncprov makes.
index
objectclass,uid,uidNumber,memberUid,entryCSN,entryUUID,automountKey eq
index cn,sn,gn,mail eq,sub
# Consumer side: pulls dc=example,dc=com from server B (10.7.82.3) and keeps a
# persistent search open (refreshAndPersist). attrs="*,+" requests all user and
# operational attributes.
# NOTE(review): bindmethod=simple over ldap:// with no starttls= parameter sends
# the bind DN and password unencrypted between the hosts. Consider
# starttls=critical with tls_cacert=, or an ldaps:// provider URL.
# NOTE(review): the bind identity is the rootdn (cn is matched
# case-insensitively), which bypasses every ACL. A dedicated replication DN with
# read access to the whole suffix is enough on the provider and limits what a
# leaked credential can do.
# NOTE(review): whether "secret" matches the provider's {SSHA} rootpw cannot be
# told from this listing - verify it, since a failed bind stops replication in
# this direction.
syncrepl rid=001
provider=ldap://10.7.82.3
type=refreshAndPersist
searchbase="dc=example,dc=com"
attrs="*,+"
bindmethod=simple
binddn="cn=manager,dc=example,dc=com"
credentials="secret"
# mirrormode lets this database accept client writes although it is also a
# syncrepl consumer.
mirrormode TRUE
# Provider side: checkpoint the contextCSN after 100 write operations or 10
# minutes, and keep an in-memory session log of up to 100 write operations.
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
#######################################################
#slapd.conf server B (10.7.82.3)
# Layout note: leading whitespace was lost when this listing was archived. In a
# real slapd.conf the "by ..." clauses and the syncrepl parameters are
# continuation lines and must begin with whitespace. The lone "include" and
# "index" lines below are presumably mail-client wraps of single lines.
# NOTE(review): no TLS or "security"/"require" directives are visible in this
# listing, and the file holds a cleartext replication password, so it should be
# readable only by the account slapd runs as.
pidfile /usr/local/openldap/var/run/slapd.pid
argsfile /usr/local/openldap/var/run/slapd.args
include /usr/local/openldap/etc/schema/core.schema
include /usr/local/openldap/etc/schema/cosine.schema
include /usr/local/openldap/etc/schema/solaris.schema
include /usr/local/openldap/etc/schema/inetorgperson.schema
include
/usr/local/openldap/etc/schema/DUAConfigProfile.schema
include /usr/local/openldap/etc/schema/sudo.schema
modulepath /usr/local/openldap/libexec
# syncprov is the provider-side overlay for syncrepl; it is attached to the
# database near the end of this listing.
moduleload syncprov.la
# NOTE(review): clause order matters here. slapd stops at the first matching
# "by" clause and "by * auth" matches every identity, so the ldapclient "write"
# grant below it has no effect. List the specific DN before "by *".
access to attrs=userPassword
by self write
by * auth
by dn="cn=ldapclient,ou=profile,dc=example,dc=com" write
# The root DSE is readable by everyone, including unauthenticated clients.
access to dn.base=""
by * read
# NOTE(review): "by anonymous read" opens every entry and attribute other than
# userPassword to unauthenticated reads - confirm that is intended for the
# sudo and account data these schemas suggest.
access to *
by self write
by users read
by anonymous read
# serverID must differ on each master; here B is 2.
# NOTE(review): entryCSN values are timestamp-based, so multi-master replication
# needs closely synchronised clocks on both hosts - verify.
serverID 2
database hdb
suffix "dc=example,dc=com"
rootdn "cn=Manager,dc=example,dc=com"
# NOTE(review): {SSHA} is salted SHA-1, which is cheap to guess offline. If this
# is the deployed value rather than a sample, treat it as exposed by this
# posting and rotate it.
rootpw {SSHA}pnqaqMcoMhnDbSRa9WAgDbhBMr/QnUGY
lastmod on
directory /usr/local/openldap/var/openldap-data
# Equality indexes on entryCSN and entryUUID serve the searches syncprov makes.
index
objectclass,uid,uidNumber,memberUid,entryCSN,entryUUID,automountKey eq
index cn,sn,gn,mail eq,sub
# Consumer side: pulls dc=example,dc=com from server A (10.5.1.110) and keeps a
# persistent search open (refreshAndPersist). attrs="*,+" requests all user and
# operational attributes.
# NOTE(review): bindmethod=simple over ldap:// with no starttls= parameter sends
# the bind DN and password unencrypted between the hosts. Consider
# starttls=critical with tls_cacert=, or an ldaps:// provider URL.
# NOTE(review): the bind identity is the rootdn (cn is matched
# case-insensitively), which bypasses every ACL. A dedicated replication DN with
# read access to the whole suffix is enough on the provider and limits what a
# leaked credential can do.
# NOTE(review): whether "secret" matches the provider's {SSHA} rootpw cannot be
# told from this listing - verify it, since a failed bind stops replication in
# this direction.
syncrepl rid=001
provider=ldap://10.5.1.110
type=refreshAndPersist
searchbase="dc=example,dc=com"
attrs="*,+"
bindmethod=simple
binddn="cn=manager,dc=example,dc=com"
credentials="secret"
# mirrormode lets this database accept client writes although it is also a
# syncrepl consumer.
mirrormode TRUE
# Provider side: checkpoint the contextCSN after 100 write operations or 10
# minutes, and keep an in-memory session log of up to 100 write operations.
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
#######################################################