Did you add cn=Replicator,dc=nc,dc=com to your replica before trying
to do this?
Also, you might want to specify 'dn.exact="cn=Replicator,dc=nc,dc=com"
write' instead of just "cn=Replicator,dc=nc,dc=com" write in your
replica's ACL.
The slave ACLs are in the wrong order, so there is no way to Bind
because nobody can access the userPassword attribute.
Thanks a lot for your help.
Now Invalid credentials error is gone. (I created one dn:
uid=Replicator,dc=nc,dc=com in the master and slapcated to slave )
Also changed the ACLs as below:
In Master:
access to attrs=userPassword
by dn="uid=Replicator,dc=nc,dc=com" write
by self write
by * auth
access to *
by dn="uid=Replicator,dc=nc,dc=com" write
by self write
by * read
And
replica uri=ldap://192.168.128.248:6666
suffix="dc=nc,dc=com"
binddn="uid=Replicator,dc=nc,dc=com"
bindmethod=simple credentials=secret
In Slave:(Same as Master)
access to attrs=userPassword
by self write
by dn="uid=Replicator,dc=nc,dc=com" write
by * auth
access to *
by dn="uid=Replicator,dc=nc,dc=com" write
by self write
by * read
updatedn "uid=Replicator,dc=nc,dc=com"
In Master slurpd -d 256 gives the following: (When I try to delete DN
"uid=flexlm,ou=People,dc=sca,dc=nc,dc=com in Master)
Error: ldap_delete_s failed deleting DN
"uid=flexlm,ou=People,dc=sca,dc=nc,dc=com": no write access to parent
Error: ldap operation failed, data written to
"/usr/local/var/openldap-slurp/replica/192.168.128.248:6666.rej"
And in slave: slapd -d 256 gives :
conn=1 fd=11 ACCEPT from IP=192.168.128.238:34313
(IP=192.168.128.248:6666)
conn=1 op=0 BIND dn="uid=Replicator,dc=nc,dc=com" method=128
conn=1 op=0 BIND dn="uid=Replicator,dc=nc,dc=com" mech=SIMPLE ssf=0
conn=1 op=0 RESULT tag=97 err=0 text=
conn=1 op=1 DEL dn="uid=flexlm,ou=People,dc=sca,dc=nc,dc=com"
conn=1 op=1 RESULT tag=107 err=50 text=no write access to parent
I assume some ACL issue,but I am helpless to find it out
Requesting your help
Thanks
Sandeep
