goudal@bordeaux-inp.fr wrote:
Full_Name: Fr.d.ric Goudal Version: 2.4.46 OS: ubuntu 18.14 LTS URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (147.210.204.135)
The global setup is the following :
- 1 master ldap (2.4.40)
- 1 hidden slave on the master ldap, same suffix, ldap backend
- 1 ldap backend on a distant server (2.4.46)
When starting synchronisation the following event are happening :
- for some reason the sync process ask for creating
dn:uid=foo,ou=bar,dc=my,dc=domaine BEFORE the creation of dn : ou=bar,dc=my,dc=domain
- on the backend the following entries are created in that order
- dn:ou=bar,dc=my,dc=domain with the object class glue
- dn: uid=foo,ou=bar,dc=my,dc=domain
Than... the sync tries to create ou=bar,dc=my,dc=domain with the correct objectClass : organizationalUnit But, as the object exists on the backend ldap, creation fails, and synchronization stops.
Solution -remove by hand the dn: uid=foo,ou=bar,dc=my,dc=domain, that remove the glue object - create by hand the ou=bar,dc=my,dc=domain
What IMHO slapd should do :
- either check that it does not add an object before its parent objects
No. This behavior is already documented in the Syncrepl specification.
- either convert the glue object to the correct object when the real creation is
needed.
The slapd consumer already does this when running on a local database. It would require Manage privileges when running through back-ldap. Check your back-ldap configuration.