Ralf Zimmermann <r.zimmermann(a)siegnetz.de> writes:
I think I have a problem with the overlay chain and tls. We have one physical
master and two slaves in VMware Vsphere4. Our configuration runs normally fine,
but sometimes we can't modify entries like passwords to the master. Then we
must restart the slapd at the slaves. After restarting slapd all works fine.
Then slapd works fine the wholy day. We can change entries or set passwords on
the slaves. Next morning we must restart the slapd again, because we can't
modify entries from the slaves. But we can query the slapd and syncrepl works
fine. Only things over the overlay chains doesn't work. I have the problem not
only with Version 2.4.20. I tested more Versions and actually 2.4.21 from
If I can't set entries on the slave I don't see any tcp packets from the slave
to the master. DNS, time and so on looks fine and everything else is working.
And if we restart slapd everything is working. Does anybody know what is going
wrong and if there exits a workaround. I read some things abount /dev/random,
/dev/urandom and kernel 2.6 in VMware. Can this be the problem?
Here the overlay chain configuration.
Any help is appreciated.
What version is this?
I found that with 2.4.21 a tls_cacert option solved my problem.
slapd-ldap(5) provides more TLS options.
Dieter Klünter | Systemberatung
GPG Key ID:8EF7B6C6