Buchan Milne schrieb: > On Thursday 25 October 2007 21:51:12 Marcus Frischherz wrote: >> Hi, >> > >> I set up in the master: > > If this was *exactly* what was in your slapd.conf, it is broken. White space > is very important in slapd.conf, there should be leading white space before > the first characters on your line starting with bindmethod (as it is part of > the replica statement, which should be on one line, and lines may be > continued by using leading white space on the next line to aid readability). > >> replogfile /var/lib/ldap/slurpd/slurpd.replog >> replica host=frifri_vpn:389 binddn="uid=rmanager,ou=intern,o=rori" >> bindmethod=simple credentials=xxx
That newline was created by Thunderbird, in reality the replogfile statement is one line, and the replica statement is one line, without continuation >> updatedn="uid=rmanager,ou=intern,o=rori" updateref rori_vpn:389 > > And here, the updatedn should be the first text on a new line (no leading > white space), and the same thing for updateref. If you really have updatedn > and updateref on the same line, this would explain your problem below. > Well, that's what I thought, and what my LDAP book says. However, if I put the updateref statement on a separate subsequent line, I get the following error upon start-up of slapd: /etc/openldap/slapd.conf: line 103: <updateref> must appear after syncrepl or updatedn This after I changed the slave to look like this: updatedn="uid=rmanager,ou=intern,o=rori" updateref rori_vpn:389 > > The slave will only accept operational attributes from the updatedn. > Additionally, it won't accept any changes from anything but the updatedn, if > the updateref is set. So, it seems like slapd on the slave is not parsing > either of your updatedn or updateref statements. > > If you don't succeed in fixing the issue, please attach sanitised versions of > your configuration files, so we can be sure we are looking at *exactly* what > you have in slapd.conf. > How to samitize? tarred attachments? > I note that slurpd-based replication is deprecated in 2.3, and slurpd has > been > removed from 2.4. Well, the administrator's guide, chapter 14, in the file replication.html distributed with the package openldap2 does not mention deprecation. regards, Marcus
