Follow-up.
I'm rebuilding the servers and started from scratch.
I was able to get replication working just as it did before, but if I add an account like the one below to either server1 or server2, the other server crashes when it replicates. I get notices about it trying to insert UUID and then it crashes.
If memory serves me right, this problem started happening shortly after I changed my syncrepl statement to not include specific attributes, and instead used the default *,+. Is it possible that the syncrepl is conflicting with the built-in configuration for updating some of the hidden attributes ? I'm going to try to prove that by not specifying the hidden attributes will not cause my problem. (namely entry*)
I'm kind of at a loss now why it happens
---
cn=Subschema 20080715183635Z cn=manager,dc=nitle,dc=org FALSE b27c9922-e6e8-102c-8813-1b80b3c961ad uid=trogers@nitle.org,ou=guest,dc=nitle,dc=org 20080715183635.158002Z#000000#002#000000 cn=manager,dc=nitle,dc=org 20080715183635Z 10687 trogers@nitle.org Rogers /dev/null 10 Tommy Rogers top pwdPolicyChecker posixAccount person organizationalPerson inetOrgPerson eduPerson
On Jul 15, 2008, at 11:12 AM, Chris G. Sellers wrote:
I have an Multimaster/mirrormode replication that has worked for months.
Someone put some crappy data into the LDAP and then it crashed.
I've spent weeks cleaning up the data, thinking that was causing my replication to crash and core dump one of my two LDAP servers
I have cleaned up the data, loaded all the data from server1 to server2 and turned on the replication again, but I still get core dumps on server2. (server1 never has a problem)
I'm not sure where to go from here. Any suggestions or anyone else who came across the same problem. Below are some log and config entries. Host OS is Solaris10 on server1 and OpenSolaris on server2. (I have three other openLDAP servers running two with the same replication so I'm somewhat experienced with getting this to work so I'm thinking it's a strange problem I hope someone has run across)
log (server2):
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 592946 local4.debug] <= root access granted Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 384072 local4.debug] => access_allowed: search access granted by manage(=mwrscxd) Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 923158 local4.debug] => access_allowed: search access to "cn=manager,dc=nitle,dc=org" "obj ectClass" requested Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 592946 local4.debug] <= root access granted Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 384072 local4.debug] => access_allowed: search access granted by manage(=mwrscxd) Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 525403 local4.debug] dn_callback : new entry is older than ours cn=manager,dc=nitle,dc=org ours 20080702134355.493573Z#000000#002#000000, new 20080107224745.105385Z#000000#002#000000 Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 819441 local4.debug] syncrepl_entry: rid=010 entry unchanged, ignored (cn=manager,dc=nitle ,dc=org) Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 977386 local4.debug] syncrepl_entry: rid=010 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 580501 local4.debug] syncrepl_entry: rid=010 inserted UUID c76c7c0c-57fb-102c-9216-63c463e 7d505 Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 923158 local4.debug] => access_allowed: search access to "dc=nitle,dc=org" "entry" request ed Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 592946 local4.debug] <= root access granted Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 384072 local4.debug] => access_allowed: search access granted by manage(=mwrscxd) Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 565591 local4.debug] syncrepl_entry: rid=010 be_search (0) Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 709484 local4.debug] syncrepl_entry: rid=010 ou=guest,dc=nitle,dc=org Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 688566 local4.debug] syncrepl_entry: rid=010 be_add (68) Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 923158 local4.debug] => access_allowed: search access to "ou=guest,dc=nitle,dc=org" "entry " requested Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 592946 local4.debug] <= root access granted Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 384072 local4.debug] => access_allowed: search access granted by manage(=mwrscxd) Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 923158 local4.debug] => access_allowed: search access to "ou=guest,dc=nitle,dc=org" "objectClass" requested Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 592946 local4.debug] <= root access granted Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 384072 local4.debug] => access_allowed: search access granted by manage(=mwrscxd) Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 525403 local4.debug] dn_callback : new entry is older than ours ou=guest,dc=nitle,dc=org ours 20080715143748.768257Z#000000#002#000000, new 20080115212254.445224Z#000000#001#000000 Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 819441 local4.debug] syncrepl_entry: rid=010 entry unchanged, ignored (ou=guest,dc=nitle,dc=org) Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 977386 local4.debug] syncrepl_entry: rid=010 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 580501 local4.debug] syncrepl_entry: rid=010 inserted UUID 3a055df6-54c8-102c-9c74-3bd710846f22 Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 923158 local4.debug] => access_allowed: search access to "dc=nitle,dc=org" "entry" requested Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 592946 local4.debug] <= root access granted Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 384072 local4.debug] => access_allowed: search access granted by manage(=mwrscxd) Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 565591 local4.debug] syncrepl_entry: rid=010 be_search (0) Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 709484 local4.debug] syncrepl_entry: rid=010 uid=jbeckelm@coe.edu,ou=guest,dc=nitle,dc=org Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 923158 local4.debug] => access_allowed: search access to "dc=nitle,dc=org" "entry" requested Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 592946 local4.debug] <= root access granted Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 384072 local4.debug] => access_allowed: search access granted by manage(=mwrscxd) (** CRASHES HERE EVERY TIME **)
conf(server2):
syncrepl rid=010 provider=ldap://ldap1.site.org:389 binddn="cn=mirroracct,ou=replication,dc=nitle,dc=org" bindmethod=simple credentials=*** searchbase="dc=nitle,dc=org" type=refreshAndPersist scope=sub interval=00:00:00:10 retry="15 5 300 +" timeout=1 schemachecking=off starttls=yes
syncrepl rid=011 provider=ldap://ldap2.site.org:389 binddn="cn=mirroracct,ou=replication,dc=nitle,dc=org" bindmethod=simple credentials=*** searchbase="dc=nitle,dc=org" type=refreshAndPersist schemachecking=off scope=sub interval=00:00:00:10 retry="15 5 300 +" timeout=1 starttls=yes
overlay syncprov serverID 2 mirrormode true
Thanks in advance!
Sellers
++++++++++++++++++++++++++++++++++++++ Chris G. Sellers | Internet Engineer | NITLE 734.661.2318 | chris.sellers@nitle.org Jabber: csellers@nitle.org | AIM: imthewherd
++++++++++++++++++++++++++++++++++++++ Chris G. Sellers | Internet Engineer | NITLE 734.661.2318 | chris.sellers@nitle.org Jabber: csellers@nitle.org | AIM: imthewherd