Hi I am very new to OpenLDAP, and we have a multi master configuration with us and our replication is not working. The error we get in log file is mainly :
slap_client_connect: URI=<provider url> DN="cn=<sample value>,dc=<sample value>,dc=<sample value>" ldap_sasl_bind_s failed (-1).
Attaching below logs after starting slapd service , Could you please help us ?
Oct 16 14:15:47 <our ldap host> slapd[853101]: @(#) $OpenLDAP: slapd 2.6.3 (Nov 15 2023 00:00:00) $#012#011openldap Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 11 (TLSProtocolMin 3.3) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 12 (TLSCertificateFile <path to crt file>) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 13 (TLSCertificateKeyFile <path to key file file>) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 14 (TLSCipherSuite ECDHE-RSA-AES256-SHA) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 17 (disallow bind_anon) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 19 (require bind) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 21 (security simple_bind=128) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 23 (serverID 001) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 23: SID=0x001 Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 25 (moduleload syncprov) Oct 16 14:15:47 <our ldap host> slapd[853101]: loaded module syncprov Oct 16 14:15:47 <our ldap host> slapd[853101]: module syncprov: null module registered Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 28 (database config) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 29 (rootdn cn=admin,cn=config) Oct 16 14:15:47 <our ldap host> slapd[853101]: >>> dnPrettyNormal: <cn=admin,cn=config> Oct 16 14:15:47 <our ldap host> slapd[853101]: <<< dnPrettyNormal: <cn=admin,cn=config>, <cn=admin,cn=config> Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 30 (rootpw ***) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 33 (database monitor) Oct 16 14:15:47 <our ldap host> slapd[853101]: >>> dnPrettyNormal: <cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853101]: <<< dnPrettyNormal: <cn=Monitor>, <cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 36 (database mdb) Oct 16 14:15:47 <our ldap host> slapd[853101]: mdb_db_init: Initializing mdb database Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 37 (suffix dc=<sample value>,dc=com) Oct 16 14:15:47 <our ldap host> slapd[853101]: >>> dnPrettyNormal: <dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: <<< dnPrettyNormal: <dc=<sample value>,dc=com>, <dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 38 (rootdn cn=Manager,dc=<sample value>,dc=com) Oct 16 14:15:47 <our ldap host> slapd[853101]: >>> dnPrettyNormal: <cn=Manager,dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: <<< dnPrettyNormal: <cn=Manager,dc=<sample value>,dc=com>, <cn=manager,dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 39 (rootpw ***) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 40 (directory /home/ldap) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 49 (syncrepl ***) Oct 16 14:15:47 <our ldap host> slapd[853101]: >>> dnNormalize: <cn=<sample value>,dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: <<< dnNormalize: <cn=<sample value>,dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: >>> dnNormalize: <dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: <<< dnNormalize: <dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: str2filter "(objectclass=*)" Oct 16 14:15:47 <our ldap host> slapd[853101]: begin get_filter Oct 16 14:15:47 <our ldap host> slapd[853101]: PRESENT Oct 16 14:15:47 <our ldap host> slapd[853101]: end get_filter 0 Oct 16 14:15:47 <our ldap host> slapd[853101]: Config: ** successfully added syncrepl rid=001 "<provider url>" Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 51 (mirrormode TRUE) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 52 (multiprovider on) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 55 (index entryCSN eq) Oct 16 14:15:47 <our ldap host> slapd[853101]: index entryCSN 0x0004 Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 56 (index entryUUID eq ) Oct 16 14:15:47 <our ldap host> slapd[853101]: index entryUUID 0x0004 Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 58 (index objectClass eq) Oct 16 14:15:47 <our ldap host> slapd[853101]: index objectClass 0x0004 Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 59 (index ps eq) Oct 16 14:15:47 <our ldap host> slapd[853101]: index ps 0x0004 Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 60 (index <sample value>-safe-id eq) Oct 16 14:15:47 <our ldap host> slapd[853101]: index <sample value>--id 0x0004 Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 61 (checkpoint 128 15) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 64 (overlay syncprov) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 66 (syncprov-checkpoint 100 10) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 72 (limits dn.exact=cn=<sample value>,dc=<sample value>,dc=com size=unlimited time=unlimited) Oct 16 14:15:47 <our ldap host> slapd[853101]: >>> dnNormalize: <cn=<sample value>,dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: <<< dnNormalize: <cn=<sample value>,dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: >>> dnNormalize: <cn=Subschema> Oct 16 14:15:47 <our ldap host> slapd[853101]: <<< dnNormalize: <cn=subschema> Oct 16 14:15:47 <our ldap host> slapd[853103]: slapd startup: initiated. Oct 16 14:15:47 <our ldap host> slapd[853103]: backend_startup_one: starting "cn=config" Oct 16 14:15:47 <our ldap host> slapd[853103]: config_back_db_open Oct 16 14:15:47 <our ldap host> slapd[853103]: config_back_db_open: line 0: warning: cannot assess the validity of the ACL scope within backend naming context Oct 16 14:15:47 <our ldap host> slapd[853103]: config_back_db_open: No explicit ACL for back-config configured. Using hardcoded default Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "cn=config" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.895827Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "cn=module{0}" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.896054Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "cn=schema" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.897011Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn={0}core> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn={0}core> Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "cn={0}core" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.899435Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn={1}> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn={1}> Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "cn={1}" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.903375Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "olcDatabase={-1}frontend" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.903549Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "olcDatabase={0}config" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.903679Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "olcDatabase={1}monitor" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.903828Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "olcDatabase={2}mdb" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.904066Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "olcOverlay={0}syncprov" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.904212Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: backend_startup_one: starting "cn=Monitor" Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Backends> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Backends> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backends> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backends> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Connections> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Connections> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Connections> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=connections> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Databases> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Databases> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Databases> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=databases> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Listeners> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Listeners> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Listeners> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=listeners> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Log> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Log> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Log> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=log> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Operations> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Operations> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Operations> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=operations> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Overlays> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Overlays> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Overlays> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=overlays> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=SASL> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=SASL> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=SASL> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=sasl> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Statistics> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Statistics> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Statistics> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=statistics> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Threads> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Threads> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Threads> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=threads> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Time> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Time> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Time> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=time> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=TLS> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=TLS> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=TLS> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=tls> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Waiters> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Waiters> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Waiters> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=waiters> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backend 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backend 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Database 0,cn=Databases,cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=database 0,cn=databases,cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backend 1> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backend 1> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backend 2> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backend 2> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Database 1,cn=Databases,cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=database 1,cn=databases,cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backend 3> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backend 3> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backend 4> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backend 4> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Max File Descriptors> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=max file descriptors> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Total> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=total> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Current> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=current> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Frontend> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=frontend> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Database 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=database 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backend 0,cn=Backends,cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backend 0,cn=backends,cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Database 1> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=database 1> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backend 2,cn=Backends,cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backend 2,cn=backends,cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Database 2> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=database 2> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Overlay 1,cn=Overlays,cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=overlay 1,cn=overlays,cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backend 3,cn=Backends,cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backend 3,cn=backends,cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Overlay 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=overlay 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Overlay 1,cn=Overlays,cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=overlay 1,cn=overlays,cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Listener 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=listener 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Listener 1> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=listener 1> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Listener 2> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=listener 2> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Listener 3> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=listener 3> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Listener 4> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=listener 4> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Bind> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=bind> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Unbind> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=unbind> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Search> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=search> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Compare> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=compare> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Modify> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=modify> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Modrdn> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=modrdn> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Add> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=add> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Delete> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=delete> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Abandon> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=abandon> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Extended> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=extended> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Overlay 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=overlay 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Overlay 1> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=overlay 1> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Database 2,cn=Databases,cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=database 2,cn=databases,cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Overlay 2> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=overlay 2> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Bytes> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=bytes> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=PDU> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=pdu> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Entries> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=entries> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Referrals> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=referrals> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Max> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=max> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Max Pending> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=max pending> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Open> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=open> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Starting> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=starting> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Active> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=active> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Pending> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=pending> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backload> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backload> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=State> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=state> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Runqueue> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=runqueue> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Tasklist> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=tasklist> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Start> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=start> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Current> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=current> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Uptime> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=uptime> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Read> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=read> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Write> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=write> Oct 16 14:15:47 <our ldap host> slapd[853103]: backend_startup_one: starting "dc=<sample value>,dc=com" Oct 16 14:15:47 <our ldap host> slapd[853103]: mdb_db_open: "dc=<sample value>,dc=com" Oct 16 14:15:47 <our ldap host> slapd[853103]: mdb_db_open: database "dc=<sample value>,dc=com": dbenv_open(/home/ldap). Oct 16 14:15:47 <our ldap host> slapd[853103]: syncprov_db_open: starting syncprov for suffix dc=<sample value>,dc=com Oct 16 14:15:47 <our ldap host> slapd[853103]: => mdb_entry_get: ndn: "dc=<sample value>,dc=com" Oct 16 14:15:47 <our ldap host> slapd[853103]: => mdb_entry_get: oc: "(null)", at: "contextCSN" Oct 16 14:15:47 <our ldap host> slapd[853103]: mdb_dn2entry("dc=<sample value>,dc=com") Oct 16 14:15:47 <our ldap host> slapd[853103]: => mdb_dn2id("dc=<sample value>,dc=com") Oct 16 14:15:47 <our ldap host> slapd[853103]: <= mdb_dn2id: got id=0x1 Oct 16 14:15:47 <our ldap host> slapd[853103]: => mdb_entry_decode: Oct 16 14:15:47 <our ldap host> slapd[853103]: <= mdb_entry_decode Oct 16 14:15:47 <our ldap host> slapd[853103]: => mdb_entry_get: found entry: "dc=<sample value>,dc=com" Oct 16 14:15:47 <our ldap host> slapd[853103]: mdb_entry_get: rc=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: slapd starting Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: added 4r listener=(nil) Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: added 7r listener=0x5612300dd830 Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: added 8r listener=0x5612300dd920 Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: added 9r listener=0x5612300ddad0 Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: added 10r listener=0x5612300ddbc0 Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: added 11r listener=0x5612300ddd10 Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=7 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=8 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=9 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=10 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=11 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: activity on 1 descriptor Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: activity on: Oct 16 14:15:47 <our ldap host> slapd[853103]: Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=7 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=8 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=9 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=10 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=11 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Consumer 001> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=consumer 001> Oct 16 14:15:47 <our ldap host> slapd[853103]: =>do_syncrepl rid=001 Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_client_connect: URI=<provider url> DN="cn=<sample value>,dc=<sample value>,dc=com" ldap_sasl_bind_s failed (-1) Oct 16 14:15:47 <our ldap host> slapd[853103]: do_syncrepl: rid=001 rc -1 retrying (4 retries left) Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: activity on 1 descriptor Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: activity on: Oct 16 14:15:47 <our ldap host> slapd[853103]: Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=7 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=8 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=9 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=10 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=11 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=7 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=8 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=9 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=10 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=11 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: =>do_syncrepl rid=001 Oct 16 14:15:52 <our ldap host> slapd[853103]: slap_client_connect: URI=<provider url> DN="cn=<sample value>,dc=<sample value>,dc=com" ldap_sasl_bind_s failed (-1) Oct 16 14:15:52 <our ldap host> slapd[853103]: do_syncrepl: rid=001 rc -1 retrying (3 retries left) Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: activity on 1 descriptor Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: activity on: Oct 16 14:15:52 <our ldap host> slapd[853103]: Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=7 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=8 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=9 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=10 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=11 active_threads=0 tvp=zero Oct 16 14:15:57 <our ldap host> slapd[853103]: daemon: epoll: listen=7 active_threads=0 tvp=zero Oct 16 14:15:57 <our ldap host> slapd[853103]: daemon: epoll: listen=8 active_threads=0 tvp=zero Oct 16 14:15:57 <our ldap host> slapd[853103]: daemon: epoll: listen=9 active_threads=0 tvp=zero Oct 16 14:15:57 <our ldap host> slapd[853103]: daemon: epoll: listen=10 active_threads=0 tvp=zero Oct 16 14:15:57 <our ldap host> slapd[853103]: daemon: epoll: listen=11 active_threads=0 tvp=zero Oct 16 14:15:57 <our ldap host> slapd[853103]: =>do_syncrepl rid=001 Oct 16 14:15:57 <our ldap host> slapd[853103]: slap_client_connect: URI=<provider url> DN="cn=<sample value>,dc=<sample value>,dc=com" ldap_sasl_bind_s failed (-1) Oct 16 14:15:57 <our ldap host> slapd[853103]: do_syncrepl: rid=001 rc -1 retrying (2 retries left) Oct 16 14:15:57 <our ldap host> slapd[853103]: daemon: activity on 1 descriptor
Hi,
It seen to be a TLS problem, you may test a manual connection from the consumer to the provider using tstclnt (or ldapsearch). For instance :
tstclnt -b -D -h provider.domain.tld -p 636 -C
Double check the hostname use to connect to your provider and check its certificate is recognized as trusted by our consumer host.
Le 16 octobre 2024 11:42:59 GMT+02:00, mridumit@amdocs.com a écrit :
Hi I am very new to OpenLDAP, and we have a multi master configuration with us and our replication is not working. The error we get in log file is mainly :
slap_client_connect: URI=<provider url> DN="cn=<sample value>,dc=<sample value>,dc=<sample value>" ldap_sasl_bind_s failed (-1).
Attaching below logs after starting slapd service , Could you please help us ?
Oct 16 14:15:47 <our ldap host> slapd[853101]: @(#) $OpenLDAP: slapd 2.6.3 (Nov 15 2023 00:00:00) $#012#011openldap Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 11 (TLSProtocolMin 3.3) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 12 (TLSCertificateFile <path to crt file>) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 13 (TLSCertificateKeyFile <path to key file file>) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 14 (TLSCipherSuite ECDHE-RSA-AES256-SHA) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 17 (disallow bind_anon) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 19 (require bind) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 21 (security simple_bind=128) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 23 (serverID 001) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 23: SID=0x001 Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 25 (moduleload syncprov) Oct 16 14:15:47 <our ldap host> slapd[853101]: loaded module syncprov Oct 16 14:15:47 <our ldap host> slapd[853101]: module syncprov: null module registered Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 28 (database config) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 29 (rootdn cn=admin,cn=config) Oct 16 14:15:47 <our ldap host> slapd[853101]: >>> dnPrettyNormal: <cn=admin,cn=config> Oct 16 14:15:47 <our ldap host> slapd[853101]: <<< dnPrettyNormal: <cn=admin,cn=config>, <cn=admin,cn=config> Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 30 (rootpw ***) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 33 (database monitor) Oct 16 14:15:47 <our ldap host> slapd[853101]: >>> dnPrettyNormal: <cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853101]: <<< dnPrettyNormal: <cn=Monitor>, <cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 36 (database mdb) Oct 16 14:15:47 <our ldap host> slapd[853101]: mdb_db_init: Initializing mdb database Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 37 (suffix dc=<sample value>,dc=com) Oct 16 14:15:47 <our ldap host> slapd[853101]: >>> dnPrettyNormal: <dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: <<< dnPrettyNormal: <dc=<sample value>,dc=com>, <dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 38 (rootdn cn=Manager,dc=<sample value>,dc=com) Oct 16 14:15:47 <our ldap host> slapd[853101]: >>> dnPrettyNormal: <cn=Manager,dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: <<< dnPrettyNormal: <cn=Manager,dc=<sample value>,dc=com>, <cn=manager,dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 39 (rootpw ***) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 40 (directory /home/ldap) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 49 (syncrepl ***) Oct 16 14:15:47 <our ldap host> slapd[853101]: >>> dnNormalize: <cn=<sample value>,dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: <<< dnNormalize: <cn=<sample value>,dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: >>> dnNormalize: <dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: <<< dnNormalize: <dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: str2filter "(objectclass=*)" Oct 16 14:15:47 <our ldap host> slapd[853101]: begin get_filter Oct 16 14:15:47 <our ldap host> slapd[853101]: PRESENT Oct 16 14:15:47 <our ldap host> slapd[853101]: end get_filter 0 Oct 16 14:15:47 <our ldap host> slapd[853101]: Config: ** successfully added syncrepl rid=001 "<provider url>" Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 51 (mirrormode TRUE) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 52 (multiprovider on) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 55 (index entryCSN eq) Oct 16 14:15:47 <our ldap host> slapd[853101]: index entryCSN 0x0004 Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 56 (index entryUUID eq ) Oct 16 14:15:47 <our ldap host> slapd[853101]: index entryUUID 0x0004 Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 58 (index objectClass eq) Oct 16 14:15:47 <our ldap host> slapd[853101]: index objectClass 0x0004 Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 59 (index ps eq) Oct 16 14:15:47 <our ldap host> slapd[853101]: index ps 0x0004 Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 60 (index <sample value>-safe-id eq) Oct 16 14:15:47 <our ldap host> slapd[853101]: index <sample value>--id 0x0004 Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 61 (checkpoint 128 15) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 64 (overlay syncprov) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 66 (syncprov-checkpoint 100 10) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 72 (limits dn.exact=cn=<sample value>,dc=<sample value>,dc=com size=unlimited time=unlimited) Oct 16 14:15:47 <our ldap host> slapd[853101]: >>> dnNormalize: <cn=<sample value>,dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: <<< dnNormalize: <cn=<sample value>,dc=<sample value>,dc=com> Oct 16 14:15:47 <our ldap host> slapd[853101]: >>> dnNormalize: <cn=Subschema> Oct 16 14:15:47 <our ldap host> slapd[853101]: <<< dnNormalize: <cn=subschema> Oct 16 14:15:47 <our ldap host> slapd[853103]: slapd startup: initiated. Oct 16 14:15:47 <our ldap host> slapd[853103]: backend_startup_one: starting "cn=config" Oct 16 14:15:47 <our ldap host> slapd[853103]: config_back_db_open Oct 16 14:15:47 <our ldap host> slapd[853103]: config_back_db_open: line 0: warning: cannot assess the validity of the ACL scope within backend naming context Oct 16 14:15:47 <our ldap host> slapd[853103]: config_back_db_open: No explicit ACL for back-config configured. Using hardcoded default Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "cn=config" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.895827Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "cn=module{0}" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.896054Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "cn=schema" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.897011Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn={0}core> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn={0}core> Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "cn={0}core" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.899435Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn={1}> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn={1}> Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "cn={1}" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.903375Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "olcDatabase={-1}frontend" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.903549Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "olcDatabase={0}config" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.903679Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "olcDatabase={1}monitor" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.903828Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "olcDatabase={2}mdb" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.904066Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: config_build_entry: "olcOverlay={0}syncprov" Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_get_csn: conn=-1 op=0 generated new csn=20241016084547.904212Z#000000#001#000000 manage=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: backend_startup_one: starting "cn=Monitor" Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Backends> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Backends> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backends> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backends> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Connections> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Connections> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Connections> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=connections> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Databases> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Databases> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Databases> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=databases> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Listeners> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Listeners> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Listeners> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=listeners> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Log> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Log> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Log> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=log> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Operations> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Operations> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Operations> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=operations> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Overlays> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Overlays> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Overlays> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=overlays> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=SASL> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=SASL> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=SASL> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=sasl> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Statistics> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Statistics> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Statistics> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=statistics> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Threads> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Threads> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Threads> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=threads> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Time> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Time> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Time> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=time> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=TLS> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=TLS> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=TLS> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=tls> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnPretty: <cn=Waiters> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnPretty: <cn=Waiters> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Waiters> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=waiters> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backend 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backend 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Database 0,cn=Databases,cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=database 0,cn=databases,cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backend 1> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backend 1> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backend 2> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backend 2> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Database 1,cn=Databases,cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=database 1,cn=databases,cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backend 3> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backend 3> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backend 4> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backend 4> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Max File Descriptors> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=max file descriptors> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Total> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=total> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Current> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=current> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Frontend> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=frontend> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Database 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=database 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backend 0,cn=Backends,cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backend 0,cn=backends,cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Database 1> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=database 1> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backend 2,cn=Backends,cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backend 2,cn=backends,cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Database 2> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=database 2> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Overlay 1,cn=Overlays,cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=overlay 1,cn=overlays,cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backend 3,cn=Backends,cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backend 3,cn=backends,cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Overlay 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=overlay 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Overlay 1,cn=Overlays,cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=overlay 1,cn=overlays,cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Listener 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=listener 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Listener 1> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=listener 1> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Listener 2> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=listener 2> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Listener 3> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=listener 3> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Listener 4> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=listener 4> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Bind> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=bind> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Unbind> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=unbind> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Search> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=search> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Compare> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=compare> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Modify> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=modify> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Modrdn> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=modrdn> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Add> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=add> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Delete> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=delete> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Abandon> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=abandon> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Extended> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=extended> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Overlay 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=overlay 0> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Overlay 1> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=overlay 1> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Database 2,cn=Databases,cn=Monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=database 2,cn=databases,cn=monitor> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Overlay 2> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=overlay 2> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Bytes> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=bytes> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=PDU> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=pdu> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Entries> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=entries> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Referrals> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=referrals> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Max> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=max> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Max Pending> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=max pending> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Open> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=open> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Starting> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=starting> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Active> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=active> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Pending> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=pending> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Backload> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=backload> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=State> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=state> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Runqueue> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=runqueue> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Tasklist> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=tasklist> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Start> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=start> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Current> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=current> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Uptime> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=uptime> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Read> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=read> Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Write> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=write> Oct 16 14:15:47 <our ldap host> slapd[853103]: backend_startup_one: starting "dc=<sample value>,dc=com" Oct 16 14:15:47 <our ldap host> slapd[853103]: mdb_db_open: "dc=<sample value>,dc=com" Oct 16 14:15:47 <our ldap host> slapd[853103]: mdb_db_open: database "dc=<sample value>,dc=com": dbenv_open(/home/ldap). Oct 16 14:15:47 <our ldap host> slapd[853103]: syncprov_db_open: starting syncprov for suffix dc=<sample value>,dc=com Oct 16 14:15:47 <our ldap host> slapd[853103]: => mdb_entry_get: ndn: "dc=<sample value>,dc=com" Oct 16 14:15:47 <our ldap host> slapd[853103]: => mdb_entry_get: oc: "(null)", at: "contextCSN" Oct 16 14:15:47 <our ldap host> slapd[853103]: mdb_dn2entry("dc=<sample value>,dc=com") Oct 16 14:15:47 <our ldap host> slapd[853103]: => mdb_dn2id("dc=<sample value>,dc=com") Oct 16 14:15:47 <our ldap host> slapd[853103]: <= mdb_dn2id: got id=0x1 Oct 16 14:15:47 <our ldap host> slapd[853103]: => mdb_entry_decode: Oct 16 14:15:47 <our ldap host> slapd[853103]: <= mdb_entry_decode Oct 16 14:15:47 <our ldap host> slapd[853103]: => mdb_entry_get: found entry: "dc=<sample value>,dc=com" Oct 16 14:15:47 <our ldap host> slapd[853103]: mdb_entry_get: rc=0 Oct 16 14:15:47 <our ldap host> slapd[853103]: slapd starting Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: added 4r listener=(nil) Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: added 7r listener=0x5612300dd830 Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: added 8r listener=0x5612300dd920 Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: added 9r listener=0x5612300ddad0 Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: added 10r listener=0x5612300ddbc0 Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: added 11r listener=0x5612300ddd10 Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=7 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=8 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=9 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=10 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=11 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: activity on 1 descriptor Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: activity on: Oct 16 14:15:47 <our ldap host> slapd[853103]: Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=7 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=8 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=9 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=10 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=11 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: >>> dnNormalize: <cn=Consumer 001> Oct 16 14:15:47 <our ldap host> slapd[853103]: <<< dnNormalize: <cn=consumer 001> Oct 16 14:15:47 <our ldap host> slapd[853103]: =>do_syncrepl rid=001 Oct 16 14:15:47 <our ldap host> slapd[853103]: slap_client_connect: URI=<provider url> DN="cn=<sample value>,dc=<sample value>,dc=com" ldap_sasl_bind_s failed (-1) Oct 16 14:15:47 <our ldap host> slapd[853103]: do_syncrepl: rid=001 rc -1 retrying (4 retries left) Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: activity on 1 descriptor Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: activity on: Oct 16 14:15:47 <our ldap host> slapd[853103]: Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=7 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=8 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=9 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=10 active_threads=0 tvp=zero Oct 16 14:15:47 <our ldap host> slapd[853103]: daemon: epoll: listen=11 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=7 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=8 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=9 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=10 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=11 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: =>do_syncrepl rid=001 Oct 16 14:15:52 <our ldap host> slapd[853103]: slap_client_connect: URI=<provider url> DN="cn=<sample value>,dc=<sample value>,dc=com" ldap_sasl_bind_s failed (-1) Oct 16 14:15:52 <our ldap host> slapd[853103]: do_syncrepl: rid=001 rc -1 retrying (3 retries left) Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: activity on 1 descriptor Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: activity on: Oct 16 14:15:52 <our ldap host> slapd[853103]: Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=7 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=8 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=9 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=10 active_threads=0 tvp=zero Oct 16 14:15:52 <our ldap host> slapd[853103]: daemon: epoll: listen=11 active_threads=0 tvp=zero Oct 16 14:15:57 <our ldap host> slapd[853103]: daemon: epoll: listen=7 active_threads=0 tvp=zero Oct 16 14:15:57 <our ldap host> slapd[853103]: daemon: epoll: listen=8 active_threads=0 tvp=zero Oct 16 14:15:57 <our ldap host> slapd[853103]: daemon: epoll: listen=9 active_threads=0 tvp=zero Oct 16 14:15:57 <our ldap host> slapd[853103]: daemon: epoll: listen=10 active_threads=0 tvp=zero Oct 16 14:15:57 <our ldap host> slapd[853103]: daemon: epoll: listen=11 active_threads=0 tvp=zero Oct 16 14:15:57 <our ldap host> slapd[853103]: =>do_syncrepl rid=001 Oct 16 14:15:57 <our ldap host> slapd[853103]: slap_client_connect: URI=<provider url> DN="cn=<sample value>,dc=<sample value>,dc=com" ldap_sasl_bind_s failed (-1) Oct 16 14:15:57 <our ldap host> slapd[853103]: do_syncrepl: rid=001 rc -1 retrying (2 retries left) Oct 16 14:15:57 <our ldap host> slapd[853103]: daemon: activity on 1 descriptor
We are able to test the connection from consumer to the provider and vice versa as well and also able to retrieve the certificate.
We checked via ldapsearch.
But still the replication is not working.
Hi,
Am 16.10.2024 um 11:42 schrieb mridumit@amdocs.com:
Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 12 (TLSCertificateFile <path to crt file>) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 13 (TLSCertificateKeyFile <path to key file file>) Oct 16 14:15:47 <our ldap host> slapd[853101]: /etc/openldap/slapd.conf: line 14 (TLSCipherSuite ECDHE-RSA-AES256-SHA)
Do you have installed the CA certificates somewhere?
"When using OpenSSL, if neither TLSCACertificateFile nor TLSCACertificatePath is set, the system-wide default set of CA certificates is used."
Dirk
We are using our own CA sign certificate for TLSCertificateFile and TLSCertificateKeyFile.
We store the CA certificates at our location /tmp/ldap/ca.pem --> Signer CA Certificate
below is our configuration in slapd.conf :
# Enable only >= TLSv1.2 TLSProtocolMin 3.3 TLSCertificateFile /tmp/ldap/consumer_hostname.crt TLSCertificateKeyFile /tmp/ldap/consumer_hostname.key
Note : We are using RHEL 9. TLSCipherSuite ECDHE-RSA-AES256-SHA
Then, in my opinion, you have to define
TLSCACertificateFile /tmp/ldap/ca.pem
in slapd.conf.
Am 17.10.2024 um 11:06 schrieb mridumit@amdocs.com:
We are using our own CA sign certificate for TLSCertificateFile and TLSCertificateKeyFile.
We store the CA certificates at our location /tmp/ldap/ca.pem --> Signer CA Certificate
below is our configuration in slapd.conf :
# Enable only >= TLSv1.2 TLSProtocolMin 3.3 TLSCertificateFile /tmp/ldap/consumer_hostname.crt TLSCertificateKeyFile /tmp/ldap/consumer_hostname.key
Note : We are using RHEL 9. TLSCipherSuite ECDHE-RSA-AES256-SHA
--On Friday, October 18, 2024 11:22 AM +0200 Dirk Kastens dirk.kastens@uni-osnabrueck.de wrote:
Then, in my opinion, you have to define
TLSCACertificateFile /tmp/ldap/ca.pem
Correct. I would also note that 2.6.3 is 2 years old and a current release of OpenLDAP 2.6 should be used instead.
--Quanah
openldap-technical@openldap.org
-
Benjamin Renard -
Dirk Kastens -
mridumit@amdocs.com -
Quanah Gibson-Mount