Hi Andreas,
here are my syncprov and syncrepl configurations:
dn: olcOverlay={0}syncprov,olcDatabase={1}mdb,cn=config objectClass: olcOverlayConfig objectClass: olcSyncProvConfig olcOverlay: {0}syncprov olcSpCheckpoint: 5 5
dn: olcOverlay={0}syncprov,olcDatabase={2}mdb,cn=config objectClass: olcOverlayConfig objectClass: olcSyncProvConfig olcOverlay: {0}syncprov olcSpCheckpoint: 5 5
olcSyncrepl: rid=201 provider=ldap://master.example.com bindmethod=sasl timeout=0 network-timeout=0 saslmech=GSSAPI realm=EXAMPLE.COM keepalive=0 :0:0 starttls=yes tls_cert="/etc/ssl/certs/slave.pem" tls_key= "/etc/ssl/private/slave.key" tls_cacert="/etc/ssl/certs/ca-cer tificates.crt" tls_reqcert=demand tls_cipher_suite=NORMAL:-VERS-SSL3.0:-VER S-TLS-ALL:+VERS-TLS1.2:-CIPHER-ALL:-SHA1:-MD5:-RSA:+AES-256-CBC:+CAMELLIA-2 56-CBC:+AES-128-CBC:+RSA filter="(objectclass=*)" searchbase="dc=example,dc=com" s cope=sub schemachecking=off type=refreshAndPersist retry="5 10 15 +"
olcSyncrepl: rid=202 provider=ldap://master.example.com bindmethod=sasl timeout=0 network-timeout=0 saslmech=GSSAPI realm=EXAMPLE.COM keepalive=0 :0:0 starttls=yes tls_cert="/etc/ssl/certs/slave.pem" tls_key= "/etc/ssl/private/slave.key" tls_cacert="/etc/ssl/certs/ca-cer tificates.crt" tls_reqcert=demand tls_cipher_suite=NORMAL:-VERS-SSL3.0:-VER S-TLS-ALL:+VERS-TLS1.2:-CIPHER-ALL:-SHA1:-MD5:-RSA:+AES-256-CBC:+CAMELLIA-2 56-CBC:+AES-128-CBC:+RSA filter="(objectclass=*)" searchbase="ou=db2" scope=sub schemachecking=off type=refreshAndPersist retry="5 10 15 +"
krb5-kdc 1.13.2+dfsg-5ubuntu2 libsasl2-modules-gssapi-mit:amd64 2.1.26.dfsg1-14build1
Hi Andreas,
here are my syncprov and syncrepl configurations:
dn: olcOverlay= {0}syncprov, olcDatabase= {1}mdb, cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpCheckpoint: 5 5
dn: olcOverlay= {0}syncprov, olcDatabase= {2}mdb, cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpCheckpoint: 5 5
olcSyncrepl: rid=201 provider= ldap:// master. example. com bindmethod=sasl "/etc/ssl/ certs/slave. pem" tls_key= ssl/private/ slave.key" tls_cacert= "/etc/ssl/ certs/ca- cer suite=NORMAL: -VERS-SSL3. 0:-VER ALL:+VERS- TLS1.2: -CIPHER- ALL:-SHA1: -MD5:-RSA: +AES-256- CBC:+CAMELLIA- 2 +AES-128- CBC:+RSA filter= "(objectclass= *)" searchbase= "dc=example, dc=com" s Persist retry="5 10 15 +"
timeout=0 network-timeout=0 saslmech=GSSAPI realm=EXAMPLE.COM keepalive=0
:0:0 starttls=yes tls_cert=
"/etc/
tificates.crt" tls_reqcert=demand tls_cipher_
S-TLS-
56-CBC:
cope=sub schemachecking=off type=refreshAnd
olcSyncrepl: rid=202 provider= ldap:// master. example. com bindmethod=sasl "/etc/ssl/ certs/slave. pem" tls_key= ssl/private/ slave.key" tls_cacert= "/etc/ssl/ certs/ca- cer suite=NORMAL: -VERS-SSL3. 0:-VER ALL:+VERS- TLS1.2: -CIPHER- ALL:-SHA1: -MD5:-RSA: +AES-256- CBC:+CAMELLIA- 2 +AES-128- CBC:+RSA filter= "(objectclass= *)" searchbase="ou=db2" Persist retry="5 10 15 +"
timeout=0 network-timeout=0 saslmech=GSSAPI realm=EXAMPLE.COM keepalive=0
:0:0 starttls=yes tls_cert=
"/etc/
tificates.crt" tls_reqcert=demand tls_cipher_
S-TLS-
56-CBC:
scope=sub schemachecking=off type=refreshAnd
krb5-kdc 1.13.2+ dfsg-5ubuntu2 modules- gssapi- mit:amd64 2.1.26. dfsg1-14build1
libsasl2-