Full_Name: Lanfeut Version: 2.4.36 OS: Centos URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (193.42.151.220)
sometimes my server a not in sync. because server ignoring entry:
do_syncrep2: rid=102 CSN too old, ignoring 20130923090023.266239Z#000000#002#000000
@(#) $OpenLDAP: slapd 2.4.36 (....)
4 server host1 and host 2: only one database c=fr ( contain an ou=apps-ext ) host3 and host 4: tow database: first ou=apps-ext (glued with c=fr ). writable by host1,2,3,4 second c=fr writable only by host1,2
ldap-int1 and ldap-int2 cn=config also into syncrepl mirrorMode ldap-ext1 and ldap-ext2 cn=config also into syncrepl mirrorMode
all server are time sync.
Configuration: grep serverID /etc/openldap/slapd.d/* /etc/openldap/slapd.d/cn=config.ldif:olcServerID: 1 ldaps://ldap-int1.dom.fr /etc/openldap/slapd.d/cn=config.ldif:olcServerID: 2 ldaps://ldap-int2.dom.fr /etc/openldap/slapd.d/cn=config.ldif:olcServerID: 3 ldaps://ldap-ext1.vlandata.dom.fr /etc/openldap/slapd.d/cn=config.ldif:olcServerID: 4 ldaps://ldap-ext2.vlandata.dom.fr
syncrepl: ldap-int1 and ldap-int2 cn=config also into syncrepl
olcSyncrepl: {0}rid=101 provider=ldaps://ldap-int1.dom.fr binddn="uid=syncrepl ,ou=system,ou=dom,o=domgroup,c=fr" bindmethod=simple credentials=XXXXXX sea rchbase="c=fr" tls_reqcert=never type=refreshAndPersist retry="5 5 300 +" timeout=1 olcSyncrepl: {1}rid=102 provider=ldaps://ldap-int2.cdoms.fr binddn="uid=syncrepl ,ou=system,ou=dom,o=domgroup,c=fr" bindmethod=simple credentials=XXXXXX sea rchbase="c=fr" tls_reqcert=never type=refreshAndPersist retry="5 5 300 +" timeout=1 olcSyncrepl: {2}rid=103 provider=ldaps://ldap-ext2.vlandata.dom.fr binddn="uid =syncrepl,ou=system,ou=dom,o=domgroup,c=fr" bindmethod=simple credentials=XX XXXX tls_reqcert=never searchbase="o=apps-ext,c=fr" type=refreshAndPersist r etry="5 5 300 +" timeout=1 olcSyncrepl: {3}rid=104 provider=ldaps://ldap-ext1.vlandata.dom.fr binddn="uid =syncrepl,ou=system,ou=dom,o=domgroup,c=fr" bindmethod=simple credentials=XXX XXXX searchbase="o=apps-ext,c=fr" tls_reqcert=never type=refreshAndPersist r etry="5 5 300 +" timeout=1
syncrepl host3 and host4:
database apps-ext: olcSyncrepl: {0}rid=303 provider=ldaps://ldap-ext1.vlandata.dom.fr binddn="uid =syncrepl,ou=system,ou=dom,o=domgroup,c=fr" bindmethod=simple credentials=XXX XXXX searchbase="o=apps-ext,c=fr" tls_reqcert=never type=refreshAndPersist r etry="5 5 300 +" timeout=1 olcSyncrepl: {1}rid=304 provider=ldaps://ldap-ext2.vlandata.dom.fr binddn="uid =syncrepl,ou=system,ou=dom,o=domgroup,c=fr" bindmethod=simple credentials=XXX XXX searchbase="o=apps-ext,c=fr" tls_reqcert=never type=refreshAndPersist r etry="5 5 300 +" timeout=1
database c=fr : olcSyncrepl: {0}rid=201 provider=ldaps://ldap-int1.dom.fr binddn="uid=syncrepl ,ou=system,ou=dom,o=domgroup,c=fr" bindmethod=simple credentials=XXXXXX sea rchbase="c=fr" tls_reqcert=never type=refreshAndPersist retry="5 5 300 +" tim eout=1 olcSyncrepl: {1}rid=202 provider=ldaps://ldap-int2.dom.fr binddn="uid=syncrepl ,ou=system,ou=dom,o=domgroup,c=fr" bindmethod=simple credentials=XXXXXX tls _reqcert=never searchbase="c=fr" type=refreshAndPersist retry="5 5 300 +" tim eout=1
ldap-int1 receive syncrepl modification from ldap-int2 with this log:
ldap-int1 log: syncprov_matchops: skipping original sid 002 Oct 4 15:00:24 ldap-int1 slapd[24555]: slap_graduate_commit_csn: removing 0x7f7bf8200b40 20131004150021.988007Z#000000#002#000000 Oct 4 15:00:24 ldap-int1 slapd[24555]: syncrepl_entry: rid=102 be_add cn=502296-xxxxxx,ou=aaaaa,ou=bbbb,o=cccc,c=dd (0) ... ...
ldap-ext2 receive the same modification an reply to ldap-int1 with new cookie
ldap-int1 log Oct 4 15:00:24 ldap-int1 slapd[24555]: do_syncrep2: rid=103 NEW_COOKIE: rid=103,sid=004,csn=20130304121522.188962Z#000000#000#000000;20131004082718.688747Z#000000#001#000000;20131004150023.350876Z#000000#002#000000;20130920094950.036431Z#000000#003#000000;20130930134451.718477Z#000000#004#000000;20130304131428.455916Z#000000#00b#000000;20130304125618.164164Z#000000#00c#00000
Another modification from ldap-int2 isn't apply to ldap-int1 because of csn too old
Oct 4 15:00:24 ldap-int1 slapd[24555]: syncrepl_entry: rid=102 be_add cn=502296-bbbb,ou=aaaaa,ou=bbbb,o=cccc,c=dd (0) Oct 4 15:00:24 ldap-int1 slapd[24555]: do_syncrep2: rid=102 cookie=rid=102,sid=002,csn=20131004150022.050845Z#000000#002#000000 Oct 4 15:00:24 ldap-int1 slapd[24555]: do_syncrep2: rid=102 CSN too old, ignoring 20131004150022.050845Z#000000#002#000000 (cn=502296-bbbb,ou=aaaaa,ou=bbbb,o=cccc,c=dd) Oct 4 15:00:24 ldap-int1 slapd[24555]: do_syncrep2: rid=102 cookie=rid=102,sid=002,csn=20131004150022.100121Z#000000#002#000000
-
lanfeust99@gmail.com