--On Thursday, January 2, 2025 9:37 AM -0500 Ulises Gonzalez Horta <[email protected]> wrote:




Hi Shawn

After closely inspecting both/all entries with slapcat on each of the
servers I confirmed that all the user entries are being replicated
-except- for the userPassword one. 
So it looks like we found the issue.


Question is how to fix it, why is it not replicating the userPassword
attribute?

I have removed my filter entry from my olcSyncrepl, now it looks like this

olcSyncrepl: {0}rid=100 provider=ldap://master:389 type=refreshOnly
  interval=00:00:05:00 retry="300 +" searchbase="dc=metrocast,dc=net"
  timelimit=unlimited sizelimit=unlimited bindmethod=simple
  binddn="cn=repl,ou=boxes,dc=metrocast,dc=net" credentials="aaa"
  starttls=critical tls_cacertdir="/etc/ldap/certs"

But still not replicating the userPassword attribute, any clue??

Likely your provider does not grant read access for the userPassword attribute to the "cn=repl,ou=boxes,dc=metrocast,dc=net" user. You should be able to test this from the command line with ldapsearch.

--Quanah
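
The ldapsearch test suggested in the reply above, as an added example that is not part of the original messages. The host, base DN and bind DN are the ones quoted in the thread; the function names, the `(objectClass=person)` filter and the sample LDIF are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: check whether the replication DN can read userPassword.

# Query the provider bound as the replication identity (not run here; it
# needs the live server). -ZZ requires StartTLS, matching starttls=critical;
# -W prompts for the bind password. Set LDAPTLS_CACERTDIR=/etc/ldap/certs if
# ldap.conf does not already trust the provider's CA.
# The (objectClass=person) filter is an assumption; use one matching your users.
search_as_repl() {
    ldapsearch -x -ZZ -H ldap://master:389 \
        -D "cn=repl,ou=boxes,dc=metrocast,dc=net" -W \
        -b "dc=metrocast,dc=net" -LLL -o ldif-wrap=no \
        "(objectClass=person)" dn userPassword
}

# Read LDIF on stdin and print the DN of every entry that came back without
# a userPassword value. When the provider's ACL denies read access, slapd
# omits the attribute silently rather than returning an error.
entries_without_password() {
    awk '
        /^dn:/ { dn = $0; sub(/^dn::? */, "", dn); has = 0; next }
        tolower($0) ~ /^userpassword:/ { has = 1; next }
        /^$/   { if (dn != "" && !has) print dn; dn = "" }
        END    { if (dn != "" && !has) print dn }
    '
}

# Constructed sample output (not from the thread): the first entry's hash
# was returned, the second entry's was withheld.
sample_ldif() {
    cat <<'EOF'
dn: uid=alice,ou=people,dc=metrocast,dc=net
userPassword:: e1NTSEF9Y29uc3RydWN0ZWQ=

dn: uid=bob,ou=people,dc=metrocast,dc=net

EOF
}

# Offline demonstration on the sample; against the real provider use:
#   search_as_repl | entries_without_password
sample_ldif | entries_without_password
```

An entry that has no password on the provider at all is listed too, so compare any DN it prints with the provider's slapcat output before concluding that the ACL is the cause.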


