Full_Name: Barry Colston
Version: 2.4.23
OS: Fedora 10
URL:
ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (209.255.208.200)
When a "Refresh Present" phase is performed at a multi-master consumer, objects
that were deleted at the provider
while the consumer was down are not deleted from the multi-master consumer (if
the provider is brought down and back up after the consumer is down). This
problem can be duplicated as follows:
1. Start provider
2. Start consumer, which is configured as a multi-master server
3. Add 10 records to the provider and wait until the records are replicated to
the multi-master consumer
4. Stop the consumer
5. Delete 3 of the records that were added to the provider
6. Stop the provider
7. Start the provider
8. Start the consumer
9. After giving the consumer time to perform the refresh present phase, the 3
records that were deleted at the provider while the consumer was down
are still present on the consumer and were not deleted during the refresh
present phase
Note: the consumer database must have a contextCSN attribute value present for
itself (e.g., there should be 2 contextCSN attribute values
present in the consumer database, one for the provider (in my configuration,
this is serverID 000), and one value for the consumer
(in my configuration, this is serverID 001). An example of the contextCSN
values follows:
dn: dc=authentx
objectClass: top
entryUUID: 8eb6b259-ab66-49bd-b012-674c4f0fba8f
contextCSN: 20101012154030.379053Z#000000#000#000000
contextCSN: 20101012141508.956053Z#000000#001#000000
OpenLDAP 2.4.23 is being used, along with Berkeley 4.6.21 (plus patches).
Consumer log file from -d sync logging option:
@(#) $OpenLDAP: slapd 2.4.23 (Oct 11 2010 18:00:59) $
Barry@XTecVisaAdmin:/usr/src/openldap-2.4.23/servers/slapd
slapd starting
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - REFRESH_PRESENT
do_syncrep2: rid=001
cookie=rid=001,csn=20101012180219.072053Z#000000#000#000000
slap_queue_csn: queing 0x1841a30 20101012180219.072053Z#000000#000#000000
slap_graduate_commit_csn: removing 0x1841b18
20101012180219.072053Z#000000#000#000000
daemon: shutdown requested and initiated.
slapd shutdown: waiting for 1 operations/tasks to finish
slapd stopped.
Provider slapd.conf file:
#
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/authentx.schema
pidfile /usr/local/var/slapd.sync1.pid
argsfile /usr/local/var/slapd.sync1.args
allow bind_v2
threads 32
#loglevel 416
password-hash {SSHA}
serverID 000
database bdb
suffix "dc=authentx"
rootdn "cn=xroot,dc=authentx"
rootpw SECRET
directory /authentx/db/ldap/authentx-sync1
overlay syncprov
syncprov-checkpoint 100 15
syncprov-sessionlog 150000
# checkpoint <kbytes> <min>
checkpoint 128 20
#index for the objectclass
index objectClass eq,pres
index cid,eid,pid eq,pres
index gcoid eq,pres
index sysid,certid eq,pres
index imageid,bioid eq,pres
index addrid,emplid eq,pres
index acid,apid,aeid eq,pres
index acpid,agpid eq,pres
index deviceid eq,pres
index qid eq,pres
index scid eq,pres
index docid eq,pres
index procid eq,pres
index prochandlerid eq,pres
index ounit eq,pres
index credentials eq,pres
index entities eq,pres
index permissions eq,pres
index region eq,pres
index aliasedObjectName eq,pres
index proctype eq,pres
index procname eq,pres
index status eq,pres
index upi,ediident eq,pres
index xsync eq,pres
index role,xrole eq,pres
index eroid eq,pres
index esfunction eq,pres
index nippsector eq,pres
index ercog,ercoop eq,pres
index eropron eq,pres
index xsyncid eq,pres
index stockid eq,pres
index stocktypecode eq,pres
index lotserialin eq,pres
index lotserialout eq,pres
index entryCSN,entryUUID eq
index incl eq,pres
cachesize 10000
dncachesize 20000
idlcachesize 1000
sizelimit 500000
timelimit 36000
include /usr/local/etc/openldap/acl.authentx
database monitor
Consumer slapd.conf file:
#
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/authentx.schema
pidfile /usr/local/var/slapd.sync2.pid
argsfile /usr/local/var/slapd.sync2.args
allow bind_v2
threads 32
#loglevel 416
password-hash {SSHA}
serverID 001
database bdb
suffix "dc=authentx"
rootdn "cn=xroot,dc=authentx"
rootpw SECRET
directory /authentx/db/ldap/authentx-sync2
overlay syncprov
syncprov-checkpoint 100 15
syncprov-sessionlog 5000
# SLAVE server replication section
syncrepl rid=001
provider=ldap://localhost:3891
type=refreshAndPersist
retry="30 60 60 +"
searchbase="dc=authentx"
scope=sub
schemachecking=off
bindmethod=simple
binddn="cn=xroot,dc=authentx"
credentials="SECRET"
mirrormode on
# checkpoint <kbytes> <min>
checkpoint 128 20
#index for the objectclass
index objectClass eq,pres
index cid,eid,pid eq,pres
index gcoid eq,pres
index sysid,certid eq,pres
index imageid,bioid eq,pres
index addrid,emplid eq,pres
index acid,apid,aeid eq,pres
index acpid,agpid eq,pres
index deviceid eq,pres
index qid eq,pres
index scid eq,pres
index docid eq,pres
index procid eq,pres
index prochandlerid eq,pres
index ounit eq,pres
index credentials eq,pres
index entities eq,pres
index permissions eq,pres
index region eq,pres
index aliasedObjectName eq,pres
index proctype eq,pres
index procname eq,pres
index status eq,pres
index upi,ediident eq,pres
index xsync eq,pres
index role,xrole eq,pres
index eroid eq,pres
index esfunction eq,pres
index nippsector eq,pres
index ercog,ercoop eq,pres
index eropron eq,pres
index xsyncid eq,pres
index stockid eq,pres
index stocktypecode eq,pres
index lotserialin eq,pres
index lotserialout eq,pres
index entryCSN,entryUUID eq
index incl eq,pres
cachesize 10000
dncachesize 20000
idlcachesize 1000
sizelimit 100000
timelimit 36000
# the authentx database access control directives
include /usr/local/etc/openldap/acl.authentx
database monitor