So, I set up a new LDAP server on 10.99.16.11 as a master/producer. I
wanted to be able to play around with both ends and not worry about
breaking the production server. I'm trying to get .7 to grab the
directory via syncrepl, and it's bombing out. I thought this had been
working at some point between .7 and .5, but after running around so
much with it, I just wanted to be at a fresh starting point.
The issue, on .7, is:
Jul 30 09:30:12 unix-services2 slapd[8391]: slapd starting
Jul 30 09:30:12 unix-services2 slapd[8391]: daemon: added 4r
Jul 30 09:30:12 unix-services2 slapd[8391]: daemon: added 7r
Jul 30 09:30:12 unix-services2 slapd[8391]: daemon: select:
listen=7active_threads=0 tvp=zero
Jul 30 09:30:12 unix-services2 slapd[8391]: =>do_syncrepl
Jul 30 09:30:12 unix-services2 slapd[8391]: do_syncrep1:
ldap_sasl_bind_s failed (49)
Jul 30 09:30:12 unix-services2 slapd[8391]: daemon: shutdown requested
and initiated.
Jul 30 09:30:12 unix-services2 slapd[8391]: daemon: closing 7
Jul 30 09:30:12 unix-services2 slapd[8391]: slapd shutdown: waiting for
0 threads to terminate
Jul 30 09:30:12 unix-services2 slapd[8391]: slapd shutdown: initiated
Jul 30 09:30:12 unix-services2 slapd[8391]: ====> bdb_cache_release_all
Jul 30 09:30:12 unix-services2 slapd[8391]: slapd destroy: freeing
system resources.
Jul 30 09:30:12 unix-services2 slapd[8391]: slapd stopped.
On .11, it says:
Jul 30 08:55:18 test1 slapd[4919]: daemon: read active on 13
Jul 30 08:55:18 test1 slapd[4919]: connection_get(13)
Jul 30 08:55:18 test1 slapd[4919]: connection_get(13): got connid=0
Jul 30 08:55:18 test1 slapd[4919]: connection_read(13): checking for
input on id
=0
Jul 30 08:55:18 test1 slapd[4919]: ber_get_next on fd 13 failed errno=11
(Resource temporarily unavailable)
Jul 30 08:55:18 test1 slapd[4919]: daemon: select: listen=7
active_threads=0 tvp=NULL
Jul 30 08:55:18 test1 slapd[4919]: daemon: select: listen=8
active_threads=0 tvp=NULL
Jul 30 08:55:18 test1 slapd[4919]: do_bind
Jul 30 08:55:18 test1 slapd[4919]: >>> dnPrettyNormal:
<cn=syncuser,dc=mydomain,dc=com>
Jul 30 08:55:18 test1 slapd[4919]: <<< dnPrettyNormal:
<cn=syncuser,dc=mydomain,dc=com>,
<cn=syncuser,dc=mydomain,dc=com>
Jul 30 08:55:18 test1 slapd[4919]: do_bind: version=3
dn="cn=syncuser,dc=mydomain,dc=com" method=128
Jul 30 08:55:18 test1 slapd[4919]: conn=0 op=0 BIND
dn="cn=syncuser,dc=mydomain,dc=com" method=128
Jul 30 08:55:18 test1 slapd[4919]: ==> bdb_bind: dn:
cn=syncuser,dc=mydomain,dc=com
Jul 30 08:55:18 test1 slapd[4919]:
bdb_dn2entry("cn=syncuser,dc=mydomain,dc=com")
Jul 30 08:55:18 test1 slapd[4919]: =>
bdb_dn2id("cn=syncuser,dc=mydomain,dc=com")
Jul 30 08:55:18 test1 slapd[4919]: <= bdb_dn2id: get failed:
DB_NOTFOUND: No matching key/data pair found (-30989)
Jul 30 08:55:18 test1 slapd[4919]: send_ldap_result: conn=0 op=0 p=3
Jul 30 08:55:18 test1 slapd[4919]: send_ldap_result: err=49 matched=""
text=""
Jul 30 08:55:18 test1 slapd[4919]: send_ldap_response: msgid=1 tag=97
err=49
Jul 30 08:55:18 test1 slapd[4919]: conn=0 op=0 RESULT tag=97 err=49
text=
Googling do_syncrep1: ldap_sasl_bind_s failed (49) tells me this is an
authentication issue, and even though it mentions "sasl", that does not
mean it's a SASL failure. Funny thing is, I know the username/password
are OK, because I can log in to a host that's pointed at .11
--
***********************************************************************
* John Oliver http://www.john-oliver.net/ *
* *
***********************************************************************
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
