Sam Tran escreveu:
On 6/12/07, Jeronimo Zucco jczucco@ucs.br wrote:
Hi, list. I'm trying to implement syncrepl in my openldap 2.3.35 withoutsucess. I tryed many (I sed: MANY) times to slacat, slapadd to slave for syn ldap servers, but for some reason with I don't know, the slave lost the sync.
Then I have to do the same thing ate night:
- stop ldap master;
- slapcat master
- slapadd on the slave;
- start master and start slave
Hi Jeronimo,
With syncrepl, you don't need to do a 'slapcat' on the master and 'slapadd' on the slave. Just start the master, then the slave. You will see the slave doing a full sync.
Ok, I didn't know about it until now. :-)
This works about one hour, in the morning wasn't syncing again. If irestart the slave ldap, then the changes on the master is replicated, but stops to sync "on line" after this.
What do you see in your ldap logs?
Well, I restarted master and slave this morning, and sync works until 11:38 am. I change the log level to 16384 in both servers, and get this:
MASTER:
Jun 12 11:35:05 master slapd[3556]: connection_read(51): no connection! Jun 12 11:36:08 master slapd[3556]: connection_read(72): no connection! Jun 12 11:36:53 master slapd[3556]: connection_read(127): no connection! Jun 12 11:37:15 master slapd[3556]: connection_read(139): no connection! Jun 12 11:37:16 master slapd[3556]: connection_read(139): no connection! Jun 12 11:37:29 master slapd[3556]: connection_read(144): no connection! Jun 12 11:37:36 master slapd[3556]: connection_read(144): no connection! Jun 12 11:39:18 master slapd[3556]: connection_read(69): no connection! Jun 12 11:39:37 master last message repeated 2 times ... until now
SLAVE:
Jun 12 11:35:51 slave slapd[32765]: syncrepl_entry: rid 001 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_MODIFY) Jun 12 11:35:51 slave slapd[32765]: syncrepl_entry: rid 001 be_search (0) Jun 12 11:35:51 slave slapd[32765]: syncrepl_entry: rid 001 ou=ImpPrefs,uid=RMendes,ou=people,dc=domain,dc=com Jun 12 11:35:51 slave slapd[32765]: syncrepl_entry: rid 001 be_modify (0) Jun 12 11:38:40 slave slapd[32765]: connection_read(27): no connection! Jun 12 11:43:40 slave slapd[32765]: connection_read(27): no connection! Jun 12 12:13:40 slave slapd[32765]: connection_read(27): no connection! Jun 12 13:08:40 slave slapd[32765]: connection_read(27): no connection! ... until now...
Then now I restarted the slave openldap server, and sync is working again (I don't now until when, then I have to restart slave again to do sync.
Are your master and slave in two different subnets separated by a firewall?
No. The servers are in the same network.
Thanks for the help.
Sam
I don't know what to do to solve this issue :-(
Follow up my ldap configuration (just about syncrepl):ldap master: # acls permits to user replicator to read all the database index objectClass,entryCSN,entryUUID eq overlay syncprov syncprov-checkpoint 100 10 syncprov-sessionlog 100 limits dn.exact="cn=replicator,dc=domain,dc=com" size.soft=unlimited size.hard=unlimited
ldap slave: syncrepl rid=1 provider=ldaps://master.domain.com:636 binddn="cn=replicator,dc=domain,dc=com" bindmethod=simple credentials=secret searchbase="dc=domain,dc=com" filter="(objectClass=*)" schemachecking=off scope=sub type=refreshAndPersist retry="60 +"
Any tip will be apreciated.
-- Jeronimo Zucco LPIC-1 Linux Professional Institute Certified NĂșcleo de Processamento de Dados Universidade de Caxias do Sul