I've upgraded my 2 ldap servers to 2.4.39 and have been trying to get mirror mode to work with no luck.
For now I've removed TLS and am using ldap:///

The issue I've had since version 2.4.23, and still have now, is "LDAP_RES_INTERMEDIATE - REFRESH_DELETE"
Everything else works but have run into this issue that can't resolve.
I've searched the forum for other references to this but haven't found a clear resolution. Others keep getting additional messages beyond this one, but mine stops here. I've also tried running slapd -h "ldapi:/// ldap:///" -d 7, but it gets stuck as well.

Your help is greatly appreciated!

[root@ldap-east ~]# slapd -d sync
54243242 @(#) $OpenLDAP: slapd 2.4.39 (Sep 17 2014 15:14:19) $
[email protected]:/root/rpmbuild/BUILD/openldap-2.4.39/openldap-2.4.39/servers/slapd
54243242 /etc/openldap/slapd.conf: line 226: rootdn is always granted unlimited privileges.
54243242 slapd starting
54243242 do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - REFRESH_DELETE

Provider/Master side - slapd.conf  (ldap-east)
-------------------------------------------
# slapd.conf for the ldap-east node: schema includes, module loading and bind
# policy, then the monitor and bdb databases, and finally the syncprov overlay
# plus a syncrepl consumer that pulls from ldap-west (mirror mode).
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/sudo.schema

# Accepts LDAPv2 bind requests in addition to LDAPv3.
# NOTE(review): only needed for legacy clients - confirm it is still required.
allow bind_v2

pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args

modulepath /usr/lib/openldap
modulepath /usr/lib64/openldap

# NOTE(review): accesslog and rwm are loaded, but no matching "overlay"
# directive appears in this listing - confirm they are actually used.
moduleload accesslog.la
moduleload rwm.la
moduleload syncprov.la

# Rejects anonymous bind requests. This does not by itself stop an
# unauthenticated session from searching; the access rules below still decide
# what such a session can see.
disallow bind_anon

moduleload     back_bdb
moduleload     back_ldap

backend        bdb


# cn=monitor is readable only by the Manager DN; every other identity is denied.
database monitor
access to *
        by dn.exact="cn=Manager,dc=xxxxx,dc=net" read
        by * none

# Main directory database. checkpoint 1024 15 flushes the bdb transaction log
# after 1024 KB written or 15 minutes, whichever comes first.
database        bdb
suffix          "dc=xxxxx,dc=net"
checkpoint      1024 15
rootdn          "cn=Manager,dc=xxxxx,dc=net"
# The value is redacted in this post.
# NOTE(review): if the real file holds the password in cleartext, store a hash
# generated with slappasswd (e.g. an {SSHA} value) instead and keep slapd.conf
# readable only by the slapd service account.
rootpw          xxxxx

directory       /var/lib/ldap

# Gives the replication identity write access to every entry and attribute;
# "by * break" lets all other identities fall through to the rules below.
# NOTE(review): a syncrepl bind DN normally needs only read access on the
# provider - confirm that write is really required here.
access to *
        by dn.base="cn=TestSync,ou=Roles,dc=xxxxx,dc=net" write
        by * break

# Password attributes: the Manager DN and the entry owner may write, anonymous
# sessions may only use the values to authenticate, everyone else is denied.
# NOTE(review): the Manager DN is also the rootdn, which is not subject to
# ACLs; this clause is presumably what produces the startup warning
# "rootdn is always granted unlimited privileges" - verify against line 226 of
# the full file.
access to attrs=userPassword,shadowLastChange
        by dn="cn=Manager,dc=xxxxx,dc=net" write
        by anonymous auth
        by self write
        by * none

# Equality indexes on entryCSN and entryUUID support the lookups syncrepl and
# syncprov perform during replication.
index objectClass                       eq,pres
index ou,cn,mail,surname,givenname      eq,pres,sub
index uidNumber,gidNumber,loginShell    eq,pres
index uid,memberUid                     eq,pres,sub
index nisMapName,nisMapEntry            eq,pres,sub
index entryCSN,entryUUID                eq


# serverID has to differ between the two mirror nodes (ldap-west uses 2).
serverID 1
overlay syncprov

# Write the contextCSN checkpoint after 100 operations or 1 minute.
syncprov-checkpoint 100 1

# Keep a session log of the last 100 write operations.
syncprov-sessionlog 100

#LDAP Sync - Slave
# Consumer side of the mirror: pulls the whole suffix from ldap-west and
# retries every 60 seconds indefinitely ("60 +").
# bindmethod=simple over a plain ldap:// URL sends the TestSync password
# unencrypted, and attrs="*,+" replicates every user and operational attribute
# (userPassword values included) over the same cleartext connection.
# NOTE(review): acceptable only while debugging; restore TLS (an ldaps:// URL
# or the syncrepl starttls=critical option) before this carries real data.
# schemachecking=off means replicated entries are not validated against the
# local schema.
syncrepl      rid=001
        provider=ldap://ldap-west.xxxxx.net
        bindmethod=simple
        binddn="cn=TestSync,ou=Roles,dc=xxxxx,dc=net"
        credentials="xxxxxx"
        searchbase="dc=xxxxx,dc=net"
        schemachecking=off
        type=refreshAndPersist
        retry="60 +"
        filter="(objectclass=*)"
        attrs="*,+"
# Lets this node accept client writes even though it is also a syncrepl consumer.
mirrormode on

# -1 enables every log level.
# NOTE(review): output this verbose can include sensitive operation data;
# restrict access to the log destination and lower the level after debugging.
loglevel -1



Consumer/Slave side - slapd.conf (ldap-west) - only difference is the replication section
-------------------------------------------
....

# Replication section for the ldap-west node; serverID has to differ from the
# value used on ldap-east (1).
serverID 2
overlay syncprov

# Write the contextCSN checkpoint after 100 operations or 1 minute.
syncprov-checkpoint 100 1

# Keep a session log of the last 100 write operations.
syncprov-sessionlog 100

#LDAP Sync - Master
# Consumer side of the mirror: pulls the whole suffix from ldap-east and
# retries every 60 seconds indefinitely ("60 +").
# bindmethod=simple over a plain ldap:// URL sends the TestSync password
# unencrypted, and attrs="*,+" replicates every user and operational attribute
# (userPassword values included) over the same cleartext connection.
# NOTE(review): acceptable only while debugging; restore TLS (an ldaps:// URL
# or the syncrepl starttls=critical option) before this carries real data.
# schemachecking=off means replicated entries are not validated against the
# local schema.
syncrepl      rid=001
        provider=ldap://ldap-east.xxxxx.net
        bindmethod=simple
        binddn="cn=TestSync,ou=Roles,dc=xxxxx,dc=net"
        credentials="xxxxxx"
        searchbase="dc=xxxxx,dc=net"
        schemachecking=off
        type=refreshAndPersist
        retry="60 +"
        filter="(objectclass=*)"
        attrs="*,+"
# Lets this node accept client writes even though it is also a syncrepl consumer.
mirrormode on
