Full_Name: Mark Cairney Version: 2.4.44 (git_master) OS: Centos 6 x86_64 URL: http://homepages.ed.ac.uk/mcairney/delta-mmr-memberof.tar.gz Submission from: (NULL) (129.215.201.136)

Hi,

I think I've identified an issue where if you have more than 2 OpenLDAP servers set up in MMR using delta-syncrepl and push-based replication (refreshAndPersist) and the memberOf overlay. If you add/delete objects which are maintained by the memberOf overlay i.e. users and groups delta-syncrepl goes out-of-sync and triggers a SYNC_ID_SET refresh on the consumers. It looks like it receives the same change from all other nodes. This behaviour doesn't appear to happen when using pull-based replication with delta-syncrepl or standard syncrepl (push and pull-based).

To confirm this behaviour I removed the memberOf overlay from the config, dumped the database, removed any "memberOf" attributes and put the database back in place (slapcat/slapadd on both cn=config and my main DB) on all 3 nodes. Without the memberof overlay loaded sync behaved normally on all 3 nodes.

In the tarball I've included a sanitised copy of my config (Schema, ACLs, password hashes, indices for non-standard attributes, operational attributes all removed), a log entry showing deletion of an object not managed by memberOf (a netgroup entry), and log entries showing what happens when a group is deleted both with and without the memberOf overlay.

The 3 servers are identical in both config and hardware spec apart from the olcSASLHost. They are Sun X4150's with 24GB RAM, 10KRPM HDDs in 2 pairs of RAID-1 and 2x4 CPU cores (Xeon E5540 @2.53GHz).