Hello,
with the manager I can login without problems . The ReplicationUser I can not sign in. Does anyone know why? I enclose my slapd.conf and the error message in / var / log / messages

Thank you

slapd.conf
Code:
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include        /etc/openldap/schema/core.schema
include        /etc/openldap/schema/cosine.schema
include        /etc/openldap/schema/inetorgperson.schema
include        /etc/openldap/schema/rfc2307bis.schema
include        /etc/openldap/schema/yast.schema
include        /etc/openldap/schema/YYY-attributes.schema
include        /etc/openldap/schema/YYY-objects.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral    ldap://root.openldap.org

pidfile        /var/run/slapd/slapd.pid
argsfile    /var/run/slapd/slapd.args

# Load dynamic backend modules:
modulepath    /usr/lib/openldap/modules
# moduleload    back_ldap.la
# moduleload    back_meta.la
# moduleload    back_monitor.la
# moduleload    back_perl.la

# Sample security restrictions
#    Require integrity protection (prevent hijacking)
#    Require 112-bit (3DES or better) encryption for updates
#    Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
#       Root DSE: allow anyone to read it
#       Subschema (sub)entry DSE: allow anyone to read it
#       Other DSEs:
#               Allow self write access to user password
#               Allow anonymous users to authenticate
#               Allow read access to everything else
#       Directives needed to implement policy:
access to dn.base=""
        by * read

access to dn.base="cn=Subschema"
        by * read

access to attrs=userPassword,userPKCS12
        by self write
     by dn.base="cn=jndiServ Modul,ou=jndiServ,o=Administration,c=de" write
     by dn.base="cn=ReplicationUser,ou=AdminUser,o=Administration,c=de" write
     by dn.base="cn=DMSAAA Modul,ou=DMSAAA,o=Administration,c=de" read
        by * auth

#access to attr=shadowLastChange
#        by self write
#        by * read
#
#access to *
#        by * read

access    to dn.base="o=Administration,c=de"
    by dn.base="cn=XXZZread,ou=AdminUser,o=Administration,c=de" read
    by dn.base="cn=XXZZwrite,ou=AdminUser,o=Administration,c=de" read
    by dn.base="cn=ReplicationUser,ou=AdminUser,o=Administration,c=de" write

access    to dn.children="o=Administration,c=de"
    by dn.base="cn=ReplicationUser,ou=AdminUser,o=Administration,c=de" write

access to dn.base="o=FIRMA1,c=de"
    by dn.base="cn=jndiServ Modul,ou=jndiServ,o=Administration,c=de" read
    by dn.base="cn=XXZZread,ou=AdminUser,o=Administration,c=de" read
    by dn.base="cn=XXZZwrite,ou=AdminUser,o=Administration,c=de" read
    by dn.base="cn=ReplicationUser,ou=AdminUser,o=Administration,c=de" write
    by dn.base="cn=IPEMAread,ou=IPEMA,o=Administration,c=de" read
    by dn.base="cn=dkspider,ou=dkspider,o=Administration,c=de" read

access to dn.children="ou=Person,o=FIRMA1,c=de"
    by dn.base="cn=DMSAAA Modul,ou=DMSAAA,o=Administration,c=de" read
    by dn.base="cn=jndiServ Modul,ou=jndiServ,o=Administration,c=de" write
    by dn.base="cn=XXZZread,ou=AdminUser,o=Administration,c=de" read
    by dn.base="cn=XXZZwrite,ou=AdminUser,o=Administration,c=de" write
    by dn.base="cn=ReplicationUser,ou=AdminUser,o=Administration,c=de" write
    by dn.base="cn=HHHHread,ou=HHHH,o=Administration,c=de" read
    by dn.base="cn=dkspider,ou=dkspider,o=Administration,c=de" read

access to dn.children="o=FIRMA1,c=de"
    by dn.base="cn=jndiServ Modul,ou=jndiServ,o=Administration,c=de" write
    by dn.base="cn=XXZZread,ou=AdminUser,o=Administration,c=de" read
    by dn.base="cn=XXZZwrite,ou=AdminUser,o=Administration,c=de" write
    by dn.base="cn=ReplicationUser,ou=AdminUser,o=Administration,c=de" write
    by dn.base="cn=HHHHread,ou=HHHH,o=Administration,c=de" read
    by dn.base="cn=dkspider,ou=dkspider,o=Administration,c=de" read

access to dn.base="o=Landesverwaltung Rheinland-Pfalz,c=de"
    by dn.base="cn=jndiServ Modul,ou=jndiServ,o=Administration,c=de" write
    by dn.base="cn=XXZZread,ou=AdminUser,o=Administration,c=de" read
    by dn.base="cn=XXZZwrite,ou=AdminUser,o=Administration,c=de" write
    by dn.base="cn=ReplicationUser,ou=AdminUser,o=Administration,c=de" write

access to dn.children="o=FIRMA2,c=de"
    by dn.base="cn=Konto Login Modul,ou=Informationssystem,ou=Administrative Dienste,o=FIRMA2,c=de"
    write
    by dn.base="cn=jndiServ Modul,ou=jndiServ,o=Administration,c=de" write
    by dn.base="cn=XXZZread,ou=AdminUser,o=Administration,c=de" read
    by dn.base="cn=XXZZwrite,ou=AdminUser,o=Administration,c=de" write
    by dn.base="cn=ReplicationUser,ou=AdminUser,o=Administration,c=de" write
    by self write
#    by * read

#access to * by self write
#    by * read

disallow bind_anon

# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn.  (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#######################################################################
# BDB database definitions
#######################################################################

loglevel 4 


database bdb
suffix "c=de"
rootdn "cn=Manager,c=de"
rootpw "{SSHA}3i/nHQ+UOZ5syPwY0/V7Go64p/lA0uaN"
directory /var/lib/ldap
checkpoint 1024 5
cachesize 10000
sizelimit 999999

# hinzugefuegt fuer replication
index objectClass eq
# Hinzugefuegt fuer Replication
index entryCSN,entryUUID eq
index uidNumber eq
# overlay syncprov
overlay syncprov
syncprov-checkpoint 100 10
# Maximale Anzahl der Eintraege fuer das Sessionlog im Arbeitsspeicher
syncprov-sessionlog 200
logfile:
Code:
Apr 20 15:16:12 ldap01 slapd[8380]: send_ldap_result: err=0 matched="" text=""
Apr 20 15:16:12 ldap01 slapd[8380]: connection_get(12)
Apr 20 15:16:12 ldap01 slapd[8380]: SRCH "c=de" 1 0
Apr 20 15:16:12 ldap01 slapd[8380]:     0 60 0
Apr 20 15:16:12 ldap01 slapd[8380]:     filter: (objectClass=*)
Apr 20 15:16:12 ldap01 slapd[8380]:     attrs:
Apr 20 15:16:12 ldap01 slapd[8380]:  objectclass
Apr 20 15:16:12 ldap01 slapd[8380]:
Apr 20 15:16:12 ldap01 slapd[8380]: send_ldap_result: err=32 matched="" text=""