Hi, thanks. it is fixed now. I get another trouble with doing replication over SSL on redhat. I dont know how to config the slave.If you can help with my other post, that would be greatly appreciated. From: Ulrich Windl Ulrich.Windl@rz.uni-regensburg.de To: openldap-technical@openldap.org; wailoktam@yahoo.com Sent: Wednesday, November 26, 2014 5:26 PM Subject: Antw: getting warning:var/lib/ldap/__db.004 is not owned by "ldap" and ldap wont start
wailok tam wailoktam@yahoo.com schrieb am 26.11.2014 um 04:36 in Nachricht
1434320209.699036.1416973016975.JavaMail.yahoo@jws100111.mail.ne1.yahoo.com:
Hi, all, I get the warning given in the title and ldap stops even after reporting to start successfully. The error is fixed by doing a chown for the affected files. It was mysteriously changed to root. I change it back to ldap and it works again. However, I want to know what has caused this to happen. Anyone can help?
Most likely: You started slapadd as root?
I am in the course of changing a slurpd-based replication to a syncrepl-based replication. I suspect that is relevant. In the old and working master config: rootdn: root binddn for replication(slurpd) directive: replicator In the old and working slave config: rootdn: replicator
In the new master config: rootdn: root
In the new slave config: rootdn: replicator binddn for replication(syncrepl) directive: replicator What has caused the db.00X file to be owned by root? The new configs once start without error. But I find the replication is not doing its job when I check on the slave the data of a user account I changed on the master side. So I go back to the old config. And then the var/lib/ldap/__db.004 is not owned by "ldap" comes up and ldap wont start on the slave. Maybe the syncrepl has been working partially, just in a different name and causes the problem?Maybe it is not working at all as I dont know what to put about ssl/tls in the slave config file. In the master, I have commented out the tls cert/key lines and access to the server by the client are done with the ldaps:// port. But I dont know what to do with the slapd.conf of the slave file. Does it have to get the ssl lines commented out in order to get allowed to access the master. Any help would be greatly appreciated.
openldap-technical@openldap.org