Re: (ITS#9056) Replication does not work with different schemas on primary and secondary LDAP
Hello, Howard Thank you for a quick reply
Actually, I have the configuration with several LDAP server without this = problem. But the version of these LDAPs is a bit less - 2.4.31.=20 On this installation when I changed the schema on the main server, on = secondary I see fully replicated data and warnings about unknown = attributes like:
5d36b192 UNKNOWN attributeDescription "TESTTYPE" inserted.
Can I get the same behavior on the current/latest version?
Thank you in advance. Best regards, Alex
On Jul 22, 2019, at 19:38, Howard Chu hyc@symas.com wrote: =20 alex.s@wildix.com wrote:
Full_Name: Alex Version: 2.4.44+dfsg-5+deb9u2 OS: Debian 9 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (154.41.3.130) =20 =20 Looks like schemachecking parameter does not work properly =20 I have a few LDAPs On main LDAP server I changed the schema with an additional =
attribute.
=20 On the secondary LDAPs I have a problem with replication (does not =
download
items which have new attribute) =20 I have the following configuration on the secondary LDAP: =20 olcSyncrepl: {0}rid=3D001 provider=3Dldap://remote_ldap_addr =
bindmethod=3Dsimple
timeout=3D0 network-timeout=3D0 binddn=3D"cn=3Dadmin,dc=3Dexample" =
credentials=3D"testPass"
starttls=3Dno filter=3D"(objectclass=3D*)" searchbase=3D"dc=3Dexample" =
scope=3Dsub
schemachecking=3Doff type=3DrefreshAndPersist interval=3D00:00:02:00 =
retry=3D"5 +"
=20 =20 I have the following errors in syslog: =20 Jul 22 17:05:29 221100000e68 slapd[6838]: null_callback : error code =
0x50
Jul 22 17:05:29 221100000e68 slapd[6838]: syncrepl_entry: rid=3D001 =
be_add
uid=3D1326514,o=3Dcom0,dc=3Dexample failed (80) Jul 22 17:05:29 221100000e68 slapd[6838]: do_syncrepl: rid=3D001 rc =
80 retrying
Jul 22 17:05:34 221100000e68 slapd[6838]: null_callback : error code =
0x50
Jul 22 17:05:34 221100000e68 slapd[6838]: syncrepl_entry: rid=3D001 =
be_add
uid=3D1326514,o=3Dcom0,dc=3Dexample failed (80) Jul 22 17:05:34 221100000e68 slapd[6838]: do_syncrepl: rid=3D001 rc =
80 retrying
Jul 22 17:05:39 221100000e68 slapd[6838]: null_callback : error code =
0x50
Jul 22 17:05:39 221100000e68 slapd[6838]: syncrepl_entry: rid=3D001 =
be_add
uid=3D1326514,o=3Dcom0,dc=3Dexample failed (80) Jul 22 17:05:39 221100000e68 slapd[6838]: do_syncrepl: rid=3D001 rc =
80 retrying
=20 syncrepl is ignoring the schema as you requested. However the =
underlying backend is refusing
to store the entries that syncrepl passes to it. =20 In general, turning off schema checking is only safe for overriding =
syntax validity checks
on known attributes. You still have to at least define the existence =
of these attributes
on all participating servers. =20 --=20 -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
-
alex.soloviov@wildix.com