LDAP replication breaking referrals

Posted by MasterZ on Server Fault See other posts from Server Fault or by MasterZ
Published on 2013-10-24T15:41:21Z Indexed on 2013/10/24 15:56 UTC
Read the original article Hit count: 203

Filed under:
|
|

We have an issue that we believe is caused by ldap replication changing the port of the referal from 686 (secure) to 389 (unsecure).

If we setup a new referral everything works, but then as soon as we change someone's password it changes on the master, and then the master replicates and the referral breaks. Any further attempts to modify someone's account give the error "PAM: Cannot connect to LDAP".

We used snoop and monitored the firewall to see what was going on. The first password attempt (the one that works) goes over port 686 (as it is supposed to) but every subsequent attempt attempts to use port 389, and therefore fails.

  • We only have 1 referral configured on the client, port 686

© Server Fault or respective owner

Related posts about ldap

Related posts about solaris