--On Friday, December 05, 2008 1:18 PM -0800 Ivan Ordonez iordonez@nature.berkeley.edu wrote:
Hi Quanah,
I was able to get it to work earlier when I add the startls=critical line. It work when I did it on the slave1, at the time, I made the slave1 as the master. Thanks so much for that. Now moving on the the real master, things did not go well. Now the issue is that, any changes I make on the master, doesn't go to the slaves. I have two slaves and I want those two to get the changes.
example:
Master | _ _ _ _ _| |_ _ _ _ _ | | | | | | Slave1 Slave2
Now, when I make any change on the master, the changes will take effect only on master and not on the slaves. I will get this error on both slaves. Is this because of the acl.bdc.readonly.conf line I have on both slave's slapd.conf file? pdbedit -Lv username still work only on account were no changes are made.
Do you see any errors on the master from the slaves binding? Are you sure they have the right permissions to the master? Did you look at what sync logging shows? What is the contextCSN on your master versus your slaves?
At this point, I suggest we take this discussion back to the list, since we got back your earlier config issue (starttls not being set in the syncrepl config).
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration
Quanah Gibson-Mount wrote:
--On Friday, December 05, 2008 1:18 PM -0800 Ivan Ordonez iordonez@nature.berkeley.edu wrote:
Hi Quanah,
I was able to get it to work earlier when I add the startls=critical line. It work when I did it on the slave1, at the time, I made the slave1 as the master. Thanks so much for that. Now moving on the the real master, things did not go well. Now the issue is that, any changes I make on the master, doesn't go to the slaves. I have two slaves and I want those two to get the changes.
example:
Master | _ _ _ _ _| |_ _ _ _ _ | | | | | | Slave1 Slave2
Now, when I make any change on the master, the changes will take effect only on master and not on the slaves. I will get this error on both slaves. Is this because of the acl.bdc.readonly.conf line I have on both slave's slapd.conf file? pdbedit -Lv username still work only on account were no changes are made.
Do you see any errors on the master from the slaves binding? Are you sure they have the right permissions to the master? Did you look at what sync logging shows? What is the contextCSN on your master versus your slaves?
At this point, I suggest we take this discussion back to the list, since we got back your earlier config issue (starttls not being set in the syncrepl config).
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc
Zimbra :: the leader in open source messaging and collaboration
There is no binding issue from the master. I can connect to the master without issue using the command below:
ldapsearch -LLL -x -H ldap://pdc.ldap.com:389 -D "cn=Replicator,ou=DSA,dc=my,dc=domain,dc=com" -s base -b "dc=my,dc=domain,dc=com" -w mypassword
This is what I got from the log:
init_sam_from_ldap: Entry found for user: i_test5 init_sam_from_ldap: no sambaSID or sambaSID attribute found for this user i_test5 ldapsam_getsampwnam: init_sam_from_ldap failed for user 'i_test5'! Username not found!
Everytime I make any changes on an account using "pdbedit" using the master, the account is not found on the slave even if it was there before I made the change. Has anyone seen this before. I am migrating from slurpd to syncrepl.
Openldap 2.3.43 Samba 3.0.33 Gentoo Linux
Thanks in advance.
-Ivan
--On Friday, December 05, 2008 3:56 PM -0800 Ivan Ordonez iordonez@nature.berkeley.edu wrote:
Do you see any errors on the master from the slaves binding? Are you sure they have the right permissions to the master? Did you look at what sync logging shows? What is the contextCSN on your master versus your slaves?
Everytime I make any changes on an account using "pdbedit" using the master, the account is not found on the slave even if it was there before I made the change. Has anyone seen this before. I am migrating from slurpd to syncrepl. Openldap 2.3.43 Samba 3.0.33 Gentoo Linux
How did you load the replica servers?
What about the answers to the rest of my questions? I.e., what does sync logging show? What are the contextCSN values on the master & replica servers?
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration
Quanah Gibson-Mount wrote:
--On Friday, December 05, 2008 3:56 PM -0800 Ivan Ordonez iordonez@nature.berkeley.edu wrote:
Do you see any errors on the master from the slaves binding? Are you sure they have the right permissions to the master? Did you look at what sync logging shows? What is the contextCSN on your master versus your slaves?
Everytime I make any changes on an account using "pdbedit" using the master, the account is not found on the slave even if it was there before I made the change. Has anyone seen this before. I am migrating from slurpd to syncrepl. Openldap 2.3.43 Samba 3.0.33 Gentoo Linux
How did you load the replica servers?
What about the answers to the rest of my questions? I.e., what does sync logging show? What are the contextCSN values on the master & replica servers?
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc
Zimbra :: the leader in open source messaging and collaboration
It is now working. I have to give the slave server the same ACL configuration as the master. I also use an "cn=samba" instead of "cn=Replicator" that I have been using for a while.
Thanks for all the help. Praise the LORD!
openldap-technical@openldap.org