Hallo,   I'm using OpenLDAP on Debian 9 (2.4.44) and started to configure replication: szenario syncrepl proxy (push based replication, see 18.3.5 in OpenLDAP Admin Guide - "primary directory also contains back-ldap databases"). Configuring the LDAP backend leads unfortunately to a root DSE showing the same name context twice:

namingContexts: dc=keutel,dc=de namingContexts: dc=keutel,dc=de

Is this a known problem? Esp. this stops PHPLDAPAdmin from working: It prints a lot of PHP arrays in this case. I've set "hidden on" for this backend but the problem remains.

My configuration:

1. slapd.conf on server1 (master):

database ldap hidden on suffix          "dc=keutel,dc=de" rootdn          "cn=admin,dc=keutel,dc=de" uri ldaps://server2/

lastmod on restrict all

acl-bind    bindmethod=simple         binddn="cn=replication,dc=keutel,dc=de"         credentials=secret

syncrepl    rid=001         provider=ldaps://server1/         binddn="cn=replication,dc=keutel,dc=de"         bindmethod=simple         credentials=secret         searchbase="dc=keutel,dc=de"         type=refreshAndPersist         retry="5 5 300 5"

2. converting this to dynamic config using slaptest gives the following entry:

dn: olcDatabase={2}ldap objectClass: olcDatabaseConfig objectClass: olcLDAPConfig olcDatabase: {2}ldap olcHidden: TRUE olcSuffix: dc=keutel,dc=de ...

3. starting slapd with this dynamic configuration

4. reading rootDSE: attribute namingContexts occurs twice with the same value.

How can this be solved?

Regards Jochen.