I had this problem in 2.4.6 too. Set 'bindmethod' back to 'simple' add: TLSVerifyClient try|allow|never
to your global section. The default TLSVerifyClient value (seems to have) changed from 'never' to 'demand' in 2.4.6. Mark "Lawrence Strydom" writes: > Thanks Howard > > I updated my config files according to the 2.3 Documentation but I > still have the same problem. Slapd starts without error on both the > master and the slave but when it runs syncrepl it complains about the > sasl interactive bind that fails: > syncrepl rid=123 > provider=ldap://ldap1.tbiraq.com > type=refreshAndPersist > #interval=01:00:00:00 > searchbase="dc=mydomain,dc=com" > filter="(objectClass=organizationalPerson)" > scope=sub > attrs="cn,sn,ou,telephoneNumber,title,l" > schemachecking=off > #updatedn="cn=replica,dc=mydomain,dc=com" > bindmethod=sasl > #saslmech=digest-md5 > binddn="cn=Administrator,dc=mydomain,dc=com" > credentials="{ssha}mypassword" man slapd.conf(5) bindmethod is either simple or sasl, if your choice is sasl you have to provide a saslmech and authcid or autzid but not a binddn. -Dieter -- Dieter Klünter | Systemberatung http://www.dkluenter.de GPG Key ID:8EF7B6C6
