0

I have configured OpenLDAP multi-master based on this guide: https://kifarunix.com/setup-openldap-master-master-replication-on-centos-8/ but the replication between the two servers doesn't work, and I get this error:

On server 1: slap_client_connect: URI=ldaps://ldapmaster02.kifarunix-demo.com DN="cn=admin,dc=ldapmaster,dc=kifarunix-demo,dc=com" ldap_sasl_bind_s failed (-1)

On server 2: slap_client_connect: URI=ldaps://ldapmaster01.kifarunix-demo.com DN="cn=admin,dc=ldapmaster,dc=kifarunix-demo,dc=com" ldap_sasl_bind_s failed (-1).

What is wrong in the guide? Regards

Mohammad

1 Answer

0

The issue is resolved. I used the same password and hash text for all LDIF configuration files. Also, I used the link below to generate certificate files with alternate DNS names: https://gist.github.com/KeithYeh/bb07cadd23645a6a62509b1ec8986bbc Also, the olcaccess for cn=manager must be write. In that document, the olcaccess for cn=manager is not set. Regards

Mohammad
  • Certificate files on both master nodes are the same. – Mohammad Jul 20 '22 at 06:17
  • Use this page to install OpenLDAP 2.5.13: https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/thread/RCRPB2LZHEMYEJBJKDEYR2M6R66ZYXSW/ – Mohammad Feb 05 '23 at 19:20
  • To compile version 2.5.13: ./configure --prefix=/usr --sysconfdir=/etc --disable-static --enable-debug --with-tls=openssl --with-cyrus-sasl --enable-dynamic --enable-crypt --enable-spasswd --enable-slapd --enable-modules --enable-rlookups --enable-backends=mod --disable-ndb --disable-sql --enable-overlays=mod --enable-wt=no – Mohammad Feb 05 '23 at 20:25
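
The answer's certificate fix can be checked before restarting slapd: when one certificate file is shared by both masters, it has to carry a DNS alternate name for each of them, or the ldaps:// connection from the peer fails hostname verification. The following is an added example, not part of the original post or the linked guide; the function names and file paths are hypothetical, the hostnames come from the error lines in the question, and it assumes OpenSSL 1.1.1 or later (for `-addext`).

```shell
#!/bin/sh
# Added example (not from the post). Hostnames are taken from the error lines in
# the question; function names and file paths are hypothetical.
MASTERS="ldapmaster01.kifarunix-demo.com ldapmaster02.kifarunix-demo.com"

# make_cert PREFIX HOST...  -> writes PREFIX.key / PREFIX.crt, a constructed
# self-signed test certificate with one DNS subjectAltName per HOST.
make_cert() {
    prefix=$1; shift
    san=""
    for h in "$@"; do san="${san:+$san,}DNS:$h"; done
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$1" -addext "subjectAltName=$san" \
        -keyout "$prefix.key" -out "$prefix.crt" 2>/dev/null
}

# cert_covers_host CERT HOST -> exit 0 if OpenSSL's hostname check accepts HOST.
cert_covers_host() {
    out=$(openssl x509 -in "$1" -noout -checkhost "$2" 2>&1)
    case $out in
        *"does match certificate"*) return 0 ;;
        *) return 1 ;;
    esac
}

# uncovered_masters CERT -> prints every master the certificate does NOT cover.
# Empty output means the same file can be deployed on both nodes.
uncovered_masters() {
    for h in $MASTERS; do
        cert_covers_host "$1" "$h" || echo "$h"
    done
}
```

On a real node, run `uncovered_masters` against the certificate file that slapd is configured to present; any hostname it prints is a peer whose ldaps:// URI will not match that certificate.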