I am a newbie, and I am trying to configure Syncrepl between 2 OpenLDAP servers.
I have read the FAQ, the Admin's guide, and the mailing lists, but I didn't find any answer
to my problem.

The master server is on 192.168.1.255 subnet and is working fine.
Now I am trying to replicate it to another server in 192.168.123.255 subnet.

Replication from provider to consumer works well (if I write an entry in the
provider, it will be replicated to the consumer), but if I try to write to the consumer
(ldapadd -x -D cn=Manager,dc=DOMAIN -W -f file.ldif) I get only this answer:

adding new entry "cn=newentry,dc=DOMAIN"
ldap_add: Referral (10)
        referrals:
                ldap://192.168.1.100/cn=newentry,dc=DOMAIN

but nothing appears in provider's log and LDAP databases.

How can I configure Syncrepl in order to write to the consumer and replicate entries
to the provider too?
(OpenLDAP: slapd 2.3.30 on Debian Etch).

Following the examples in the FAQ, I configured the provider and consumer as shown below:


=================CONSUMER=================
[cut]
suffix          "dc=DOMAIN"
rootdn          "cn=Manager,dc=DOMAIN"
rootpw          {SSHA}something-hashed
[cut]
access to attrs=userPassword,shadowLastChange,sambaNTPassword,sambaLMPassword
        by dn="cn=syncuser,dc=DOMAIN" write
        by anonymous auth
        by self write
        by * none

access to dn.base="" by * read

# The admin dn has full write access, everyone else
# can read everything.
access to *
        by dn="cn=syncuser,dc=DOMAIN" write
        by * read

syncrepl rid=1
        provider=ldap://192.168.1.100:389
        type=refreshAndPersist
        retry="60 +"
        searchbase="dc=DOMAIN"
        scope=sub
        schemachecking=off
        bindmethod=simple
        binddn="cn=syncuser,dc=DOMAIN"
        credentials=secret

updateref ldap://192.168.1.100


=================PROVIDER=================
[cut]
suffix          "dc=DOMAIN"

rootdn          "cn=Manager,dc=DOMAIN"

rootpw          {SSHA}something-hashed
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
[cut]
access to attrs=userPassword,shadowLastChange,sambaNTPassword,sambaLMPassword
        by dn="cn=admin,dc=ENIGMA" write
        by dn="cn=syncuser,dc=ENIGMA" write
        by anonymous auth
        by self write
        by * none

access to *
        by dn="cn=admin,dc=ENIGMA" write
        by dn="cn=syncuser,dc=ENIGMA" write
        by * read




