docker-openldap
docker-openldap copied to clipboard
osixia
Replication failed with 'slap_global_control: unrecognized control'
I'm trying to set master-replica configuration. Master env.yaml:
LDAP_TLS=true
LDAP_TLS_CRT_FILENAME=<crt>
LDAP_TLS_KEY_FILENAME=<key>
LDAP_TLS_CA_CRT_FILENAME=<ca
LDAP_DOMAIN=<domain>
LDAP_BACKEND=bdb
LDAP_REMOVE_CONFIG_AFTER_SETUP=false
LDAP_CONFIG_PASSWORD=<pass>
LDAP_ADMIN_PASSWORD=<pass>
LDAP_TLS_VERIFY_CLIENT=try
LDAP_OPENLDAP_UID=<user>
LDAP_OPENLDAP_GID=<user>
Master starts Ok.
Replication env:
LDAP_TLS=true
LDAP_TLS_CRT_FILENAME=<crt>
LDAP_TLS_KEY_FILENAME=<key>
LDAP_TLS_CA_CRT_FILENAME=<ca
LDAP_DOMAIN=<domain>
LDAP_BACKEND=bdb
LDAP_REMOVE_CONFIG_AFTER_SETUP=false
LDAP_CONFIG_PASSWORD=<pass>
LDAP_ADMIN_PASSWORD=<pass>
LDAP_TLS_VERIFY_CLIENT=try
LDAP_OPENLDAP_UID=<user>
LDAP_OPENLDAP_GID=<user>
LDAP_REPLICATION=true
LDAP_BASE_DN=dc=<domain>,dc=net
LDAP_REPLICATION_HOSTS='<ldap_master_url>'
LDAP_REPLICATION_CONFIG_SYNCPROV=binddn="cn=admin,cn=config" bindmethod=simple credentials="$LDAP_CONFIG_PASSWORD" searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1 starttls=critical
LDAP_REPLICATION_DB_SYNCPROV=binddn="cn=Manager,$LDAP_BASE_DN" bindmethod=simple credentials="$LDAP_ADMIN_PASSWORD" searchbase="$LDAP_BASE_DN" type=refreshAndPersist interval=00:00:00:10 retry="60 +" timeout=1 starttls=critical
In master logs I see following error:
5d2b070f slap_global_control: unrecognized control: 1.3.6.1.4.1.4203.1.9.1.1
And see nothing on replica server.
I've tried to add mod_syncprov module to master:
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulePath: /usr/lib/openldap
olcModuleLoad: syncprov.la
as well as syncprov.ldif:
dn: olcOverlay=syncprov,olcDatabase={2}bdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov
olcSpSessionLog: 100
If I don't specify syncprov - I don't see that replica server tries to connect to master.
