We need detailed information about the problem you face and also some details about your environment. You can use the form outlined below. Feel free to amend it as needed.
Please refer to https://fedorahosted.org/bind-dyndb-ldap/wiki/BugReporting for further information (and examples).
When named starts up I get the following errors.
10-Jan-2017 16:20:08.306 database: debug 1: sctx state 0 reached (reset) 10-Jan-2017 16:20:08.306 database: debug 1: LDAP syncrepl filter = '(| (objectClass=idnsConfigObject) )' 10-Jan-2017 16:20:08.306 database: error: LDAP error: Critical extension is unavailable: unable to start SyncRepl session: is RFC 4533 supported by LDAP server? 10-Jan-2017 16:20:08.306 database: error: LDAP configuration synchronization failed: socket is not connected 10-Jan-2017 16:20:08.306 database: error: ldap_syncrepl will reconnect in 60 seconds
Entire DNS operation.
Attach any error messages or other suspicious information you see in logs. E.g. in /var/named/data/named.run or /var/log/messages.
/var/log/dirsrv/slapd-vmpkca/access:
10/Jan/2017:16:20:08.305869048 -0800] conn=74 fd=67 slot=67 connection from local to /var/run/slapd-vmpkca.socket [10/Jan/2017:16:20:08.305970187 -0800] conn=74 op=0 BIND dn="" method=128 version=3 [10/Jan/2017:16:20:08.306019692 -0800] conn=74 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="" [10/Jan/2017:16:20:08.306339788 -0800] conn=74 op=1 SRCH base="(null)" scope=2 filter="(|(objectClass=idnsConfigObject))", failed to decode LDAP controls [10/Jan/2017:16:20:08.306359506 -0800] conn=74 op=1 RESULT err=12 tag=101 nentries=0 etime=0 [10/Jan/2017:16:20:08.306535980 -0800] conn=74 op=2 UNBIND [10/Jan/2017:16:20:08.306548222 -0800] conn=74 op=2 fd=67 closed - U1
bind-dyndb-ldap-10.0-5.el7.x86_64
bind-9.9.4-38.el7_3.x86_64
Red Hat Enterprise Linux Server release 7.3 (Maipo)
x86_64
No.
389-ds-base-1.3.5.10-12.el7_3.x86_64
dynamic-db "wdas" { library "ldap.so"; arg "uri ldapi://%2fvar%2frun%2fslapd-vmpkca.socket"; arg "base cn=dns,dc=my,dc=internal,dc=domain,dc=com"; arg "auth_method none"; arg "psearch yes"; arg "serial_autoincrement yes"; arg "sync_ptr yes"; arg "connections 2"; };
No
Oops, Yes we have settings in global configuration object in LDAP:
ldapsearch -h vmpkca -LLLx -D 'cn=directory manager' -W -b 'cn=dns,dc=my,dc=internal,dc=domain,dc=com' '(objectClass=idnsConfigObject)' Enter LDAP Password: dn: cn=dns,dc=my,dc=internal,dc=domain,dc=com objectClass: idnsConfigObject objectClass: nsContainer objectClass: top cn: dns idnsAllowSyncPTR: TRUE idnsForwardPolicy: first
Metadata Update from @wdaschrisjsteinke: - Issue assigned to pspacek - Issue set to the milestone: 0.0 TRIAGE
Form DS pov: - The err=12 (LDAP_UNAVAILABLE_CRITICAL_EXTENSION) means that syncRepl control is not in the supported list of control - SyncRepl control is supported in 389-ds-base-1.3.5.10-12.el7_3.x86_64 via a plugin 'cn=Content Synchronization,cn=plugins,cn=config' This plugin depends on RetroCL plugin - A possible explanation is that either RetroCL or Content_Synch plugin were not enabled
Metadata Update from @pspacek: - Assignee reset
SyncRepl plugin has to be enabled in DS.
Metadata Update from @tkrizek: - Issue close_status updated to: invalid - Issue set to the milestone: None (was: 0.0 TRIAGE) - Issue status updated to: Closed (was: Open)
Metadata Update from @tkrizek: - Custom field rhbz adjusted to 0
Log in to comment on this ticket.