Mattia schrieb:

Paul Gienger wrote:


Not sure if I can ask here, because this sounds to me more like an OpenLDAP than a Samba problem, but it involves Samba too.



Nope, it's just openldap at this point. It's hard to say exactly what your issue is without knowing how your slapd.conf files are set up.


Thanks Paul. Here are slapd.conf files on master and slave servers


******************** ****** MASTER ****** ********************


# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
# NOTE(review): that matters here in particular, because both rootpw and the
# replica credentials below are stored in this file as plain text.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
include /etc/openldap/schema/redhat/autofs.schema


# NOTE(review): accepts LDAPv2 bind requests. Keep only if a client in this
# deployment still needs v2; otherwise leave it out.
allow bind_v2

pidfile    /var/run/slapd.pid
argsfile /var/run/slapd.args

#######################################################################
# ldbm and/or bdb database definitions
#######################################################################

database    ldbm
suffix        "dc=mydomain,dc=myorg,dc=it"
rootdn        "cn=Manager,dc=mydomain,dc=myorg,dc=it"

# Cleartext passwords, especially for the rootdn, should
# be avoided.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
# NOTE(review): the value below is cleartext (sanitised for the post). Store a
# hash generated with slappasswd(8) instead, as the comment above advises.
rootpw        mypass

# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory    /var/lib/ldap

# Indices to maintain for this database
index objectClass        eq
index cn            pres,sub,eq
index sn            pres,sub,eq
index uid            pres,sub,eq
index displayName        pres,sub,eq
index uidNumber            eq
index gidNumber            eq
index memberUid            eq
index sambaSID            eq
index sambaPrimaryGroupSID    eq
index sambaDomainName        eq
index default            sub

#############################
# Replicas of this database #
#############################

# Change log that slurpd reads and pushes to the replica defined below.
replogfile /var/log/slurpd.replog

# Replication target: slurpd connects to bdc on port 389 and binds as
# cn=replicator with a simple (password) bind.
# NOTE(review): with tls=no and bindmethod=simple, the replicator password and
# every replicated entry (password attributes included) cross the network
# unencrypted. Enable TLS on this connection; slapd.conf(5) lists the options
# your version accepts.
# NOTE(review): the slave config in this post sets updatedn to cn=Manager, not
# to this binddn. The two normally have to match for replicated writes to be
# accepted - confirm.
replica    host=bdc.mydomain.myorg.it:389
    tls=no
    binddn="cn=replicator,dc=mydomain,dc=myorg,dc=it"
    bindmethod=simple
    credentials=password

# Access rules. The first covers entries below the suffix, the second the
# suffix entry itself.
# NOTE(review): "by * read" grants read on every attribute to every client,
# anonymous ones included. With samba.schema loaded that would expose password
# attributes (userPassword, sambaLMPassword, sambaNTPassword) if accounts are
# stored here. An attribute-specific rule placed before these two (auth for
# anonymous, none for everyone else) would restrict them.
access    to dn=".*,dc=mydomain,dc=myorg,dc=it"
    by dn="cn=replicator,dc=mydomain,dc=myorg,dc=it"    write
    by self                            write
    by *                            read
access    to dn="dc=mydomain,dc=myorg,dc=it"
    by dn="cn=replicator,dc=mydomain,dc=myorg,dc=it"    write
    by self                            write
    by *                            read




******************** ****** SLAVE ******* ********************


# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
# NOTE(review): rootpw below is stored in this file as plain text, so the file
# permissions are the only protection it has.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
include /etc/openldap/schema/redhat/autofs.schema


# NOTE(review): accepts LDAPv2 bind requests. Keep only if a client in this
# deployment still needs v2; otherwise leave it out.
allow bind_v2

pidfile    /var/run/slapd.pid
argsfile /var/run/slapd.args

#######################################################################
# ldbm and/or bdb database definitions
#######################################################################

database    ldbm
suffix        "dc=mydomain,dc=myorg,dc=it"
rootdn        "cn=Manager,dc=mydomain,dc=myorg,dc=it"

# Cleartext passwords, especially for the rootdn, should
# be avoided.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
# NOTE(review): the value below is cleartext (sanitised for the post). Store a
# hash generated with slappasswd(8) instead, as the comment above advises.
rootpw        mypass

# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory    /var/lib/ldap/replica
# updatedn is the DN allowed to apply replicated changes to this replica.
# NOTE(review): the master config in this post has slurpd bind as cn=replicator,
# but updatedn here is cn=Manager, which is also this database's rootdn. The
# updatedn normally matches the master's replica binddn and is a dedicated
# low-privilege DN rather than the rootdn. This mismatch is a likely cause of
# the replication problem - confirm.
updatedn    "cn=Manager,dc=mydomain,dc=myorg,dc=it"
# updateref is the referral returned to clients that try to write to this replica.
# NOTE(review): the master's replica line uses host=bdc.mydomain.myorg.it, so
# this URL appears to point at the replica itself rather than the master - confirm.
updateref    ldap://bdc.mydomain.myorg.it

# Indices to maintain for this database
index objectClass        eq
index cn            pres,sub,eq
index sn            pres,sub,eq
index uid            pres,sub,eq
index displayName        pres,sub,eq
index uidNumber            eq
index gidNumber            eq
index memberUid            eq
index sambaSID            eq
index sambaPrimaryGroupSID    eq
index sambaDomainName        eq
index default            sub


############################# # Replicas of this database # #############################

# Access rules. The first covers entries below the suffix: cn=replicator and
# the entry's own DN may write, anonymous clients may only authenticate, and
# everyone else gets nothing. The second covers the suffix entry, which stays
# readable by all.
# NOTE(review): this is stricter than the master, which grants "by * read"
# below the suffix. Lookups on this replica bound anonymously or as any other
# DN will return no entries below the suffix - confirm that is intended for
# the Samba/NSS clients using it.
# NOTE(review): the write grants for cn=replicator only take effect if that DN
# can authenticate on this server. No entry or password for it is shown in the post.
access    to dn=".*,dc=mydomain,dc=myorg,dc=it"
    by dn="cn=replicator,dc=mydomain,dc=myorg,dc=it"    write
    by self                            write
    by anonymous                        auth
    by *                            none
access    to dn="dc=mydomain,dc=myorg,dc=it"
    by self                            write
    by dn="cn=replicator,dc=mydomain,dc=myorg,dc=it"    write
    by *                            read




Thanks in advance for any help

Bye... Mattia

Hi, have you checked that nscd is killed on the slave LDAP server? A running nscd causes trouble.
Regards