--On Thursday, April 23, 2020 9:41 PM -0700 rammohan ganapavarapu rammohanganap@gmail.com wrote:

olcDatabase={2}bdb,cn=config:

BDB is deprecated. I'd advise using a non-deprecated backend.

olcReadOnly: TRUE olcSyncrepl: {0}rid=001 provider=ldap://10.126.0.21:10389/ binddn="cn=manager,dc=example,dc=com" bindmethod=simple credentials=TopSecret searchbase="dc=example,dc=com" attrs="*,+" type=refreshAndPersist retry="60 1 300 12 7200 +" timeout=1 olcUpdateRef: ldap://10.126.0.21:10389 olcMirrorMode: TRUE

Is it a consumer or a multimaster node? You have enabled multiprovider (which is horribly misnamed as "mirrormode", and really just means you're defining it as part of a multiprovider cluster).

Chain overlay on frontendDB:

dn: olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config objectClass: olcOverlayConfig objectClass: olcChainConfig olcOverlay: {0}chain olcChainReturnError: TRUE

dn: olcDatabase={0}ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config objectClass: olcLDAPConfig objectClass: olcChainDatabase olcDatabase: {0}ldap olcDbURI: ldap://10.126.0.21:10389/ olcDbIDAssertBind: bindmethod=simple binddn="cn=manager,dc=example,dc=com" credentials=TopSecret mode=self olcDbRebindAsUser: TRUE

Why would chaning on the frontend database affect the ability of your dc=example,dc=com database to forward updates? You've clearly misconfigured your system.

So with the above config, if i add entry in master it  is replicating to slave but when i try to add entry in slave its not allowing write as expected but its not forwarding request to referral ( its because of ldapadd doesnt follow referral) is it expected? How do i make sure if updatereferral is working properly?

Configure your system correctly? You may also want to examine test032 in the test suite which specifically configures this.

--Quanah

--

Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com