- 论坛徽章:
- 0
|
10可用积分
主:192.168.5.42
从: 192.168.5.41
启动不会报错,但是在主服务端更新和添加的数据,从服务端不能接收
在/var/lib/ldap/replica目录下面有个192.168.5.41:389.rej文件,发现内容:
- ERROR: Constraint violation: structuralObjectClass: no user modification allow ed
- replica: 192.168.5.41:389
- time: 1246868887.0
- dn: uid=yccx2004,ou=People,dc=nba126,dc=com
- changetype: add
- uid: yccx2004
- cn: yccx2004
- sn: yccx2004
- objectClass: inetOrgPerson
- objectClass: top
- userPassword:: e2NyeXB0fSEh
- structuralObjectClass: inetOrgPerson
- entryUUID: ad80d672-fe52-102d-8ba9-b13b18ca576d
- creatorsName: cn=Manager,dc=nba126,dc=com
- createTimestamp: 20090706082807Z
- entryCSN: 20090706082807Z#000000#00#000000
- modifiersName: cn=Manager,dc=nba126,dc=com
- modifyTimestamp: 20090706082807Z
复制代码
主服务器的文件配置:
- loglevel 296
- local4.debug /var/log/slapd.log
- include /etc/openldap/schema/core.schema
- include /etc/openldap/schema/cosine.schema
- include /etc/openldap/schema/inetorgperson.schema
- include /etc/openldap/schema/nis.schema
- allow bind_v2
- pidfile /var/run/openldap/slapd.pid
- argsfile /var/run/openldap/slapd.args
- access to attrs=shadowLastChange,userPassword
- by self write
- by anonymous auth
- by dn="cn=Manager,dc=nba126,dc=com" write
- access to *
- by dn="cn=Manager,dc=nba126,dc=com" write
- by * read
- database bdb
- suffix "dc=nba126,dc=com"
- rootdn "cn=Manager,dc=nba126,dc=com"
- rootpw 123456
- directory /var/lib/ldap
- index objectClass eq,pres
- index ou,cn,mail,surname,givenname eq,pres,sub
- index uidNumber,gidNumber,loginShell eq,pres
- index uid,memberUid eq,pres,sub
- index nisMapName,nisMapEntry eq,pres,sub
- replogfile /var/lib/ldap/openldap-master-replog
- replica uri=ldap://192.168.5.41:389
- binddn="cn=Manager,dc=nba126,dc=com"
- bindmethod=simple credentials=123456
复制代码
从服务端的文件配置
- loglevel 296
- local4.debug /var/log/slapd.log
- include /etc/openldap/schema/core.schema
- include /etc/openldap/schema/cosine.schema
- include /etc/openldap/schema/inetorgperson.schema
- include /etc/openldap/schema/nis.schema
- allow bind_v2
- pidfile /var/run/openldap/slapd.pid
- argsfile /var/run/openldap/slapd.args
- access to attrs=shadowLastChange,userPassword
- by self write
- by anonymous auth
- by dn="cn=Manager,dc=nba126,dc=com" write
- access to *
- by dn="cn=Manager,dc=nba126,dc=com" write
- by * read
-
- database bdb
- suffix "dc=nba126,dc=com"
- rootdn "cn=Manager,dc=nba126,dc=com"
- rootpw 123456
- directory /var/lib/ldap
- index objectClass eq,pres
- index ou,cn,mail,surname,givenname eq,pres,sub
- index uidNumber,gidNumber,loginShell eq,pres
- index uid,memberUid eq,pres,sub
- index nisMapName,nisMapEntry eq,pres,sub
- updatedn="cn=Manager,dc=nba126,dc=com"
复制代码
请各位高手帮忙看看,我google了一下,英文的看不太懂,也没找到什么有价值的东西,再次感谢! |
最佳答案
查看完整内容
ERROR: Constraint violation: structuralObjectClass: no user modification allow ed这个提示应该说明你在变更的时候并没有做好合适的structural的OC:objectClass: inetOrgPersonobjectClass: top按照道理top不应该做add上去的吧?说明你源(master)上的数据就不对付?ldap建议严密组织OC。我的设置:dn: cn=zym5,ou=People,o=zymlinuxobjectClass: topobjectClass: personobjectClass: organizationalPersonobjectClass: inet ...
|