Hi Dieter, Here are the two ldifs I used to configure everything: (only difference is the order the olcServerID is placed in.
First Master: dn: cn=config changetype: modify replace: olcServerID olcServerID: 10 ldap://10.211.55.8 olcServerID: 20 ldap://10.211.55.11 dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config changetype: add objectClass: olcOverlayConfig objectClass: olcSyncProvConfig olcOverlay: syncprov dn: olcDatabase={0}config,cn=config changetype: modify add: olcSyncRepl olcSyncRepl: rid=001 provider=ldap://10.211.55.8 binddn="cn=config" bindmethod=simple credentials=$PASS searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1 olcSyncRepl: rid=002 provider=ldap://10.211.55.11 binddn="cn=config" bindmethod=simple credentials=$PASS searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1 - add: olcMirrorMode olcMirrorMode: TRUE Second Master: dn: cn=config changetype: modify replace: olcServerID olcServerID: 20 ldap://10.211.55.11 olcServerID: 10 ldap://10.211.55.8 dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config changetype: add objectClass: olcOverlayConfig objectClass: olcSyncProvConfig olcOverlay: syncprov dn: olcDatabase={0}config,cn=config changetype: modify add: olcSyncRepl olcSyncRepl: rid=001 provider=ldap://10.211.55.8 binddn="cn=config" bindmethod=simple credentials=$PASS searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1 olcSyncRepl: rid=002 provider=ldap://10.211.55.11 binddn="cn=config" bindmethod=simple credentials=$PASS searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1 - add: olcMirrorMode olcMirrorMode: TRUE On 03 Sep 2010, at 15:55, Dieter Kluenter wrote: > Am Fri, 3 Sep 2010 14:25:51 +0200 > schrieb Alister Forbes <[email protected]>: > >> All, >> >> My situation is that I'm trying to get replication working between >> two instances of openldap 2.4.23, both running on RHEL5, both built >> with the same options, and db built under them with the same options, >> and both OS instances are the same (cloned VMs) >> >> I can see the two slapd's trying to communicate, but athough the >> passwords supplied in 'credentials' are definitely correct, I keep >> seeing the err=49 in the logs below >> >> I've been struggling with this for days now.. can anyone give me a >> hint what I've messed up? >> >> >> Also, I'm not sure if it's related, but I now can't change anything >> in the servers configs directly, I keep getting - >> >> ldap_modify: Server is unwilling to perform (53) >> additional info: shadow context; no update referral >> >> I think this is the behaviour you would expect when the server was a >> syncrepl slave, but these are supposed to be multi-mastered. >> >> Any help, greatfully received >> Alister >> >> output of ldapsearch: >> >> # {0}config, config >> dn: olcDatabase={0}config,cn=config >> olcSyncrepl: {0}rid=001 provider=ldap://10.211.55.8 >> binddn="cn=config" bindmet hod=simple credentials=cisco123 >> searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" >> timeout=1 olcSyncrepl: {1}rid=002 provider=ldap://10.211.55.11 >> binddn="cn=config" bindme thod=simple credentials=cisco123 >> searchbase="cn=config" type=refreshAndPersis t retry="5 5 300 5" >> timeout=1 > > [...] > > Did you load the syncprov overlay? And did you declare mirrorMode? You > only provide some syncrepl configuration. > > -Dieter > > -- > Dieter Klünter | Systemberatung > sip: [email protected] > http://www.dpunkt.de/buecher/2104.html > GPG Key ID:8EF7B6C6 > > -- Alister Forbes Work: +32 2 704 5762 Internal: 322 5762 [email protected] TACSUNS _.|._.|._ Cisco Systems Please avoid sending me Word or PowerPoint attachments. See - http://www.gnu.org/philosophy/no-word-attachments.html
