1:27 p.m.
--On Friday, December 05, 2008 1:18 PM -0800 Ivan Ordonez
<iordonez(a)nature.berkeley.edu> wrote:
Hi Quanah,
I was able to get it to work earlier when I add the startls=critical
line. It work when I did it on the slave1, at the time, I made the
slave1 as the master. Thanks so much for that. Now moving on the the
real master, things did not go well. Now the issue is that, any changes
I make on the master, doesn't go to the slaves. I have two slaves and I
want those two to get the changes.
example:
Master
|
_ _ _ _ _| |_ _ _ _ _
| |
| |
| |
Slave1 Slave2
Now, when I make any change on the master, the changes will take effect
only on master and not on the slaves. I will get this error on both
slaves.
Is this because of the acl.bdc.readonly.conf line I have on both slave's
slapd.conf file? pdbedit -Lv username still work only on account were no
changes are made.
Do you see any errors on the master from the slaves binding? Are you sure
they have the right permissions to the master? Did you look at what sync
logging shows? What is the contextCSN on your master versus your slaves?
At this point, I suggest we take this discussion back to the list, since we
got back your earlier config issue (starttls not being set in the syncrepl
config).
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
3:56 p.m.
New subject: Syncrepl question
Quanah Gibson-Mount wrote:
--On Friday, December 05, 2008 1:18 PM -0800 Ivan Ordonez
<iordonez(a)nature.berkeley.edu> wrote:
> Hi Quanah,
>
> I was able to get it to work earlier when I add the startls=critical
> line. It work when I did it on the slave1, at the time, I made the
> slave1 as the master. Thanks so much for that. Now moving on the the
> real master, things did not go well. Now the issue is that, any changes
> I make on the master, doesn't go to the slaves. I have two slaves and I
> want those two to get the changes.
>
> example:
>
> Master
> |
> _ _ _ _ _| |_ _ _ _ _
> | |
> | |
> | |
> Slave1 Slave2
>
> Now, when I make any change on the master, the changes will take effect
> only on master and not on the slaves. I will get this error on both
> slaves.
> Is this because of the acl.bdc.readonly.conf line I have on both slave's
> slapd.conf file? pdbedit -Lv username still work only on account
> were no
> changes are made.
Do you see any errors on the master from the slaves binding? Are you
sure they have the right permissions to the master? Did you look at
what sync logging shows? What is the contextCSN on your master versus
your slaves?
At this point, I suggest we take this discussion back to the list,
since we got back your earlier config issue (starttls not being set in
the syncrepl config).
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
There is no binding issue from the master. I can connect to the master
without issue using the command below:
ldapsearch -LLL -x -H ldap://pdc.ldap.com:389 -D
"cn=Replicator,ou=DSA,dc=my,dc=domain,dc=com" -s base -b
"dc=my,dc=domain,dc=com" -w mypassword
This is what I got from the log:
init_sam_from_ldap: Entry found for user: i_test5
init_sam_from_ldap: no sambaSID or sambaSID attribute found for this
user i_test5
ldapsam_getsampwnam: init_sam_from_ldap failed for user 'i_test5'!
Username not found!
Everytime I make any changes on an account using "pdbedit" using the
master, the account is not found on the slave even if it was there
before I made the change. Has anyone seen this before. I am migrating
from slurpd to syncrepl.
Openldap 2.3.43
Samba 3.0.33
Gentoo Linux
Thanks in advance.
-Ivan
4:25 p.m.
New subject: Syncrepl question
--On Friday, December 05, 2008 3:56 PM -0800 Ivan Ordonez
<iordonez(a)nature.berkeley.edu> wrote:
> Do you see any errors on the master from the slaves binding? Are
you
> sure they have the right permissions to the master? Did you look at
> what sync logging shows? What is the contextCSN on your master versus
> your slaves?
Everytime I make any changes on an account using "pdbedit" using the
master, the account is not found on the slave even if it was there before
I made the change. Has anyone seen this before. I am migrating from
slurpd to syncrepl.
Openldap 2.3.43
Samba 3.0.33
Gentoo Linux
How did you load the replica servers?
What about the answers to the rest of my questions? I.e., what does sync
logging show? What are the contextCSN values on the master & replica
servers?
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
4:59 p.m.
New subject: Syncrepl question
Quanah Gibson-Mount wrote:
--On Friday, December 05, 2008 3:56 PM -0800 Ivan Ordonez
<iordonez(a)nature.berkeley.edu> wrote:
>> Do you see any errors on the master from the slaves binding? Are you
>> sure they have the right permissions to the master? Did you look at
>> what sync logging shows? What is the contextCSN on your master versus
>> your slaves?
>
> Everytime I make any changes on an account using "pdbedit" using the
> master, the account is not found on the slave even if it was there
> before
> I made the change. Has anyone seen this before. I am migrating from
> slurpd to syncrepl.
> Openldap 2.3.43
> Samba 3.0.33
> Gentoo Linux
How did you load the replica servers?
What about the answers to the rest of my questions? I.e., what does
sync logging show? What are the contextCSN values on the master &
replica servers?
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
It is now working. I have to give the slave server the same ACL
configuration as the master. I also use an "cn=samba" instead of
"cn=Replicator" that I have been using for a while.
Thanks for all the help. Praise the LORD!
5477
days inactive
5478
days old
openldap-technical@openldap.org
3 comments
2 participants
participants (2)
-
Ivan Ordonez -
Quanah Gibson-Mount