Hi all, I'm a newbie. I recently installed openldap2.4.10 on 2 of my systems.My requirement is to chain the master database on to the slave database..I followed the manual and tried the folowing .The Master and Slave slapd.conf's are as follows:
*The Master config file is as follows: *#include statments ......... ......... access to * by dn.base="cn=root,ou=Users,dc=example,dc=com" read by * break
####################################################################### # BDB database definitions #######################################################################
database bdb suffix "dc=example,dc=com" rootdn "cn=root,dc=example,dc=com" # Cleartext passwords, especially for the rootdn, should # be avoid. See slappasswd(8) and slapd.conf(5) for details. # Use of strong authentication encouraged. rootpw secret # The database directory MUST exist prior to running slapd AND # should only be accessible by the slapd and slap tools. # Mode 700 recommended. directory /usr/local/var/openldap-data # Indices to maintain index objectClass eq
overlay syncprov # contextCSN saved to database every 100 updates or ten minutes syncprov-checkpoint 100 10
*The Slave config file as folows:
*#include statments ......... ......... ####################################################################### # BDB database definitions #######################################################################
database bdb suffix "dc=example,dc=com" rootdn "cn=root,dc=example,dc=com" # Cleartext passwords, especially for the rootdn, should # be avoid. See slappasswd(8) and slapd.conf(5) for details. # Use of strong authentication encouraged. rootpw secret # The database directory MUST exist prior to running slapd AND # should only be accessible by the slapd and slap tools. # Mode 700 recommended. directory /usr/local/var/openldap-data # Indices to maintain index objectClass eq
syncrepl rid=100 provider=ldap://Master type=refreshAndPersist retry="5 5 300 +" searchbase="dc=example,dc=com" attrs=* bindmethod=simple binddn="cn=root,ou=Users,dc=example,dc=com" credentials="<secret>" updateref "ldap://Master"
----------------------------------------------------------------------------------- After this i started the Master server and slave Server with -d 256 option to see like this: *master log:* ber_get_next on fd 12 failed errno=0 (Success) connection_read(12): input error=-2 id=5, closing. connection_closing: readying conn=5 sd=12 for close connection_close: deferring conn=5 sd=12 daemon: activity on 1 descriptor conn=5 op=1 do_unbind daemon: activity on: daemon: epoll: listen=7 active_threads=0 tvp=NULL daemon: epoll: listen=8 active_threads=0 tvp=NULL connection_resched: attempting closing conn=5 sd=12 connection_close: conn=5 sd=12 daemon: removing 12
*slave log:* slapd starting request done: ld 0x8238850 msgid 1 do_syncrep1: rid 100 ldap_sasl_bind_s failed (49) do_syncrepl: rid 100 retrying (4 retries left) request done: ld 0x8238850 msgid 1 do_syncrep1: rid 100 ldap_sasl_bind_s failed (49) do_syncrepl: rid 100 retrying (3 retries left) request done: ld 0x8238850 msgid 1 do_syncrep1: rid 100 ldap_sasl_bind_s failed (49) do_syncrepl: rid 100 retrying (2 retries left) request done: ld 0x8238850 msgid 1 do_syncrep1: rid 100 ldap_sasl_bind_s failed (49) do_syncrepl: rid 100 retrying (1 retries left) request done: ld 0x8238850 msgid 1 do_syncrep1: rid 100 ldap_sasl_bind_s failed (49) do_syncrepl: rid 100 retrying ------------------------------------------------------------------------------- It means that the slave is not being replicated .. can any one please tell me why this ldap_sasl_bind_s failed (49) is coming.. thanks in advance.
RamakrishnaDeepak Battu schrieb:
Hi all, I'm a newbie. I recently installed openldap2.4.10 on 2 of my systems.My requirement is to chain the master database on to the slave database..I followed the manual and tried the folowing .The Master and Slave slapd.conf's are as follows:
*The Master config file is as follows: *#include statments ......... ......... access to * by dn.base="cn=root,ou=Users,dc=example,dc=com" read
check the following line of your acl - see man 5 slapd.access for examples
by * break
####################################################################### # BDB database definitions #######################################################################
database bdb suffix "dc=example,dc=com" rootdn "cn=root,dc=example,dc=com" # Cleartext passwords, especially for the rootdn, should # be avoid. See slappasswd(8) and slapd.conf(5) for details. # Use of strong authentication encouraged. rootpw secret # The database directory MUST exist prior to running slapd AND # should only be accessible by the slapd and slap tools. # Mode 700 recommended. directory /usr/local/var/openldap-data # Indices to maintain index objectClass eq
overlay syncprov # contextCSN saved to database every 100 updates or ten minutes syncprov-checkpoint 100 10
*The Slave config file as folows:
*#include statments ......... ......... ####################################################################### # BDB database definitions #######################################################################
database bdb suffix "dc=example,dc=com" rootdn "cn=root,dc=example,dc=com" # Cleartext passwords, especially for the rootdn, should # be avoid. See slappasswd(8) and slapd.conf(5) for details. # Use of strong authentication encouraged. rootpw secret # The database directory MUST exist prior to running slapd AND # should only be accessible by the slapd and slap tools. # Mode 700 recommended. directory /usr/local/var/openldap-data # Indices to maintain index objectClass eq
syncrepl rid=100 provider=ldap://Master type=refreshAndPersist retry="5 5 300 +" searchbase="dc=example,dc=com" attrs=* bindmethod=simple binddn="cn=root,ou=Users,dc=example,dc=com" credentials="<secret>" updateref "ldap://Master"
After this i started the Master server and slave Server with -d 256 option to see like this: *master log:* ber_get_next on fd 12 failed errno=0 (Success) connection_read(12): input error=-2 id=5, closing. connection_closing: readying conn=5 sd=12 for close connection_close: deferring conn=5 sd=12 daemon: activity on 1 descriptor conn=5 op=1 do_unbind daemon: activity on: daemon: epoll: listen=7 active_threads=0 tvp=NULL daemon: epoll: listen=8 active_threads=0 tvp=NULL connection_resched: attempting closing conn=5 sd=12 connection_close: conn=5 sd=12 daemon: removing 12
*slave log:* slapd starting request done: ld 0x8238850 msgid 1 do_syncrep1: rid 100 ldap_sasl_bind_s failed (49) do_syncrepl: rid 100 retrying (4 retries left) request done: ld 0x8238850 msgid 1 do_syncrep1: rid 100 ldap_sasl_bind_s failed (49) do_syncrepl: rid 100 retrying (3 retries left) request done: ld 0x8238850 msgid 1 do_syncrep1: rid 100 ldap_sasl_bind_s failed (49) do_syncrepl: rid 100 retrying (2 retries left) request done: ld 0x8238850 msgid 1 do_syncrep1: rid 100 ldap_sasl_bind_s failed (49) do_syncrepl: rid 100 retrying (1 retries left) request done: ld 0x8238850 msgid 1 do_syncrep1: rid 100 ldap_sasl_bind_s failed (49) do_syncrepl: rid 100 retrying
It means that the slave is not being replicated .. can any one please tell me why this ldap_sasl_bind_s failed (49) is coming.. thanks in advance.
____________ Virus checked by G DATA AntiVirusKit Version: AVK 18.4288 from 27.06.2008 Virus news: www.antiviruslab.com
openldap-technical@openldap.org