> > For syncrepl to work do we need to enable the sasl? I had the sasl > > disabled and configured to replicate using simple bindmethod, with > > the following config: > > syncrepl rid=001 > > provider=ldap://ldap2.example.com > > type=refreshAndPersist > > retry="5 5 300 +" > > searchbase="o=tld" > > bindmethod=simple > > binddn="uid=admin,ou=users,o=tld" > > credentials=password > > schemachecking=on > > > > but I get the following error: > > > > slap_client_connect: URI=ldap://ldap2.example.com > > DN="uid=admin,ou=users,o=tld" ldap_sasl_bind_s failed > (-1) > > ldap_sasl_bind_s is the name of the binding function for > both simple and SASL binds. It doesn't mean you're > performing a SASL bind. If it was a dn/password issue, > you would see error code 49. You got error code -1, > which seems to imply it cannot open a connection to > ldap2.example.com from that server. > > --Quanah
Thanks for your response! ldap1-client <-> slapd2: Communication OK slapd1 <-> ldap2-client: Communication OK slapd1 <-/-> slapd2: Communication failure Using 'ldapsearch' command, I am able to bind and search on the slapd2 server from the server (slapd1) that is issuing the above error and vice-versa. So, the client modules from one server have no trouble connecting the slapd on the other server, however, the slapd to slapd communication via slap_client_connect for syncrepl seems to have an issue. I am wondering if there is anything in the cn=config configuration that could lead to this. Thanks
