I have a LDAP master server installed on CentOS-5.4 and I have installed LDAP on one more machine and I want it be configured as LDAP slave server but when I am importing the LDIF file or trying to create any new object in slave LDAP getting the below errors:
LDIF text import Could not add object dc=transcomus,dc=com LDAP said: Server is unwilling to perform Error number: 0x35 (LDAP_UNWILLING_TO_PERFORM) Description: The LDAP server refused to perform the operation.
There is no permission issue already checked that on /var/lib/ldap
Any help much appreciate..
Thanks Ramesh
It sounds to me like you're attempting to import a database dump into a running slave, either by means of
ldapaddorslapcat. A running slapd instance with a replication mechanism configured in slave mode will reject all write attempts and return the message you provided.If my slurpd based slapd servers ever became inconsistent I executed a fairly straight forward recovery procedure:
/var/lib/ldap(you might want to save yourDB_CONFIGfile if the parameters aren't defined in slapd.conf)slapaddto rebuild the directory on the slave (moveDB_CONFIGback if necessary)Switch the master back into read-write mode.
yes, I am using slurpd replication method. It was running fine but somehow it broke down and till then its not working
You're probably running OpenLDAP 2.3.43 since that's what's packaged in CentOS 5.4. Unfortunately because of that you're also likely to run into replication issues again in the future unless you can upgrade to a newer OpenLDAP (2.4) server.
slurpdwas very flawed, check out the OpenLDAP 2.4 docs for a complete explanation of why. The newer OpenLDAP releases come with a new replication mechanism calledsyncreplwhich is much more robust and nearly impervious to failure.In the future if you're interested in getting help migrating to a newer OpenLDAP server I can offer guidance there as well.