Re: lloadd and cn=config

2023-12-07 Thread Stefan Kania



On 07.12.23 at 17:40, Quanah Gibson-Mount wrote:


My question was more, once you add the database config block, if you
ldapsearch the cn=config database it generates, does it match what you
get from slaptest conversion.


Now I understand :-). So that's what I did now:

adding
--
database config
rootdn "cn=admin,cn=config"
rootpw config
--

to slapd.conf and start slapd with slapd.conf then I did:

ldapsearch -x -D cn=admin,cn=config -w geheim -b cn=config -H ldap://loadbalancer01.example.net -LLL > slapd-conf.ldif


Then:

rm -rf /opt/symas/etc/openldap/slapd.d/*
slapadd -n0 -F /opt/symas/etc/openldap/slapd.d/ -l slapd-conf.ldif
chown -R openldap: /opt/symas/etc/openldap/slapd.d/

switch to start slapd via cn=config

then:
systemctl restart symas-openldap-server.service

Slapd has started. But the behavior is the same. Same error message as 
before.

---
ldapsearch -x -D uid=repl-user,ou=users,dc=example,dc=net -w geheim
ldap_bind: Server is unavailable (52)
additional info: no connections available
---

Stefan
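
One way to check the question asked in this thread, whether the ldapsearch dump of cn=config matches the slaptest-generated configuration, shown as an added example that is not part of the original messages. It assumes both configurations are available as LDIF text (the slapd.d tree can be exported with `slapcat -n 0`); the function names and the sample dumps are constructed for illustration.

```python
import base64

# Operational attributes: they differ between any two dumps and carry no configuration.
IGNORED = {"entrycsn", "entryuuid", "createtimestamp", "modifytimestamp",
           "creatorsname", "modifiersname", "structuralobjectclass"}

def parse_ldif(text):
    """Return {lower-cased dn: {lower-cased attr: set(values)}} from LDIF text."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:   # folded continuation of the previous line
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    entries, current = {}, None
    for line in (l for l in lines if not l.startswith("#")):
        if not line.strip():                # a blank line ends the current entry
            current = None
            continue
        attr, _, rest = line.partition(":")
        b64 = rest.startswith(":")          # "attr:: <base64>" form
        value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace") if b64 else rest.strip()
        attr = attr.lower()
        if attr == "dn":
            current = entries.setdefault(value.lower(), {})
        elif current is not None and attr not in IGNORED:
            current.setdefault(attr, set()).add(value)
    return entries

def diff_config(a_text, b_text):
    """List (dn, attr, only_in_a, only_in_b) for every attribute that differs."""
    a, b = parse_ldif(a_text), parse_ldif(b_text)
    out = []
    for dn in sorted(set(a) | set(b)):
        ea, eb = a.get(dn, {}), b.get(dn, {})
        for attr in sorted(set(ea) | set(eb)):
            va, vb = ea.get(attr, set()), eb.get(attr, set())
            if va != vb:
                out.append((dn, attr, sorted(va - vb), sorted(vb - va)))
    return out

# Constructed sample dumps (not from the thread's servers): B has a folded value,
# an operational attribute and one real difference.
DUMP_A = ("dn: olcDatabase={0}config,cn=config\n"
          "olcRootDN: cn=admin,cn=config\n")
DUMP_B = ("dn: olcDatabase={0}config,cn=config\n"
          "olcRootDN: cn=admin,\n cn=config\n"
          "entryCSN: 20231207000000.000000Z#000000#000#000000\n"
          "olcSizeLimit: 500\n")
```

An empty result from `diff_config` means the two dumps describe the same configuration once line folding, base64 encoding and operational attributes are set aside.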






Re: lloadd and cn=config

2023-12-07 Thread Quanah Gibson-Mount




--On Thursday, December 7, 2023 5:23 PM +0100 Stefan Kania wrote:



I added:
--
database config
rootdn "cn=admin,cn=config"
rootpw config
--
to the slapd.conf. After adding slapd is still working with slapd.conf
then I converted the slapd.conf with:
slaptest -F /opt/symas/etc/openldap/slapd.d -f /opt/symas/etc/openldap/slapd.conf


My question was more, once you add the database config block, if you
ldapsearch the cn=config database it generates, does it match what you get
from slaptest conversion.


--Quanah


Re: lloadd and cn=config

2023-12-07 Thread Stefan Kania



On 06.12.23 at 22:12, Quanah Gibson-Mount wrote:



--On Wednesday, December 6, 2023 8:11 PM +0100 Stefan Kania wrote:



Hi Ondrej,

I restarted with a new test.
Now I'm having 2 loadbalancer one is configured via cn=config and one
over slapd.conf. Both are configured exactly the same. Same binduser,
same ldap-server same everything.
For my test I started tcpdump on the loadbalancer and on the two
ldap-server.



Out of curiosity -

If you define a:

database config

section in slapd.conf, and then make it so you can connect to the config 
db and dump it via ldapsearch, does it match your cn=config database 
you're working from? or have the same issue if you use that dump as the 
configuration?

I added:
--
database config
rootdn "cn=admin,cn=config"
rootpw config
--
to the slapd.conf. After adding slapd is still working with slapd.conf 
then I converted the slapd.conf with:
slaptest -F /opt/symas/etc/openldap/slapd.d -f /opt/symas/etc/openldap/slapd.conf


without any error. I can start slapd but:

It's exactly the same. The slapd starts, I can see the listening ports
with "ss -tlpn". But ldapsearch is still showing:


ldapsearch -x -D uid=repl-user,ou=users,dc=example,dc=net -w geheim
ldap_bind: Server is unavailable (52)
additional info: no connections available


These are exactly the same messages as before.

Stefan



--Quanah



