https://bugs.openldap.org/show_bug.cgi?id=9514
Issue ID: 9514 Summary: Modification of a record by changing its password in one master, intermittently causes the record to be deleted from other masters. Product: OpenLDAP Version: 2.4.44 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs@openldap.org Reporter: loojonathand+ldap@gmail.com Target Milestone: ---
We have a network topology with 3 master LDAP servers in 3 different cities. Each master has 1 replica, so a total of 6 LDAP servers. All of them are VMs running CentOS Linux release 7.9.2009.
When we use ldapmodify to modify a record (for example, change its password) on one of the master servers, then the next time LDAP replicates to the other 2 masters, sometimes the record we tried to modify is deleted from the other 2 masters. (The usual procedure is to modify the record in all 3 masters, but the same thing happens if you modify the record in one master LDAP server and then sync the other 2 masters.) So for example if we modify a record on one server
Mar 30 11:58:25 VMWGTNMSBRLD01 slapd[9083]: conn=675967 op=1 MOD dn="uid=JZTEST,ou=users,ou=radius,dc=hnops,dc=net"
then sometimes we get, in one of the other servers:
Mar 30 12:06:38 VMWNLVMSBRLD01 slapd[5079]: syncrepl_del_nonpresent: rid=004 be_delete uid=JZTEST,ou=users,ou=radius,dc=hnops,dc=net (0)
The password-change process uses an "ldapmodify" command not a delete command, so not sure why this happens.