Problem

ldapsearch with the default user cn=update prints “invalid credentials” on a backup or slave server.

root@ucs:~# ldapsearch -x -D cn=update,dc=multi,dc=ucs -w $(cat /etc/ldap/rootpw)  -s base
ldap_bind: Invalid credentials (49)

Solution

The “cn=update” user is a local user per server. Make sure ldapsearch tries to connect to the correct server and check the related ucr-variables. ldap/server/name should point to your local server.

ucr set ldap/server/name=$(hostname -f)