Hi All,
I have a big network with one master openldap 2.3.30 running on Debian Etch fully updated.
I have 27 other consumers using replication of type refreshAndPersist working 100% fine, with one exception.
This exception has the same configuration as all the other servers. I have already changed the WAN provider (it was planned to change it), the switch where the server is connected, the network cable, the whole server, and nothing seems to change the strange behavior.
What happens is that this specific machine does not receive all the 8323 objects from the master. In debug mode it does not show any error. OpenLDAP simply thinks the replica has finished. Then some seconds later it starts replicating again, but not from the stop point. The best that I have is 5217 objects replicated.
My conf on this server was copied from another working installation and then I changed the "rid".
This is how my conf is:

#######################################################################
# SCHEMAS
#######################################################################
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/samba.schema

#######################################################################
# GERAL
#######################################################################
#allow bind_v2
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
loglevel 4 64 16384
sizelimit 20000
tool-threads 1

#######################################################################
# MODULOS
#######################################################################
modulepath /usr/lib/ldap
moduleload back_bdb
moduleload syncprov

#######################################################################
# BACKEND
#######################################################################
backend bdb
checkpoint 512 30

#######################################################################
# DATABASE
#######################################################################
database bdb
suffix "dc=company"
rootdn "cn=replicator,dc=company"
rootpw {SSHA}password
directory "/var/lib/ldap"
dbconfig set_cachesize 0 2097152 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500
lastmod on

######################################################################
# ACL
######################################################################
access to dn.base=""
        by * read

access to *
        by dn="cn=admin,dc=company" write
        by dn="cn=replicator,dc=company" write
        by * read

access to attrs=userPassword,shadowLastChange,sambaLMPassword,sambaNTPassword
        by dn="cn=admin,dc=company" write
        by dn="cn=replicator,dc=company" write
        by self write
        by anonymous auth
        by * none

######################################################################
# TLS
######################################################################
TLSCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP
TLSCACertificateFile /etc/ldap/certs/cacert.pem
TLSCertificateFile /etc/ldap/certs/servercrt.pem
TLSCertificateKeyFile /etc/ldap/certs/serverkey.pem
TLSVerifyClient never

######################################################################
# REPLICACAO
######################################################################
syncrepl rid=51
        provider=ldaps://ldap
        bindmethod=simple
        binddn="cn=replicator,dc=company"
        credentials=password
        searchbase="dc=company"
        schemachecking=off
        type=refreshAndPersist
        retry="30 30 600 72"

######################################################################
# Indices
######################################################################
index cn pres,sub,eq
index sn pres,sub,eq
index uid pres,sub,eq
index displayName pres,sub,eq
index memberUid eq,subinitial
index mail eq,subinitial
index givenname eq,subinitial
index uidNumber eq
index gidNumber eq
index entryUUID eq
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index objectClass eq
index sambaGroupType eq
index sambaSIDList eq
index uniqueMember eq
index entryCSN eq

When the replication stops the log just shows:

Dec 8 15:55:09 mg slapd[6529]: syncrepl_entry: LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD)
Dec 8 15:55:09 mg slapd[6529]: bdb_idl_fetch_key: [7cdee34d]
Dec 8 15:55:09 mg slapd[6529]: send_ldap_result: err=0 matched="" text=""
Dec 8 15:55:09 mg slapd[6529]: syncrepl_entry: be_search (0)
Dec 8 15:55:09 mg slapd[6529]: syncrepl_entry: uid=pr0239$,ou=maquinas,dc=matriz,dc=company
Dec 8 15:55:09 mg slapd[6529]: do_syncrep2: LDAP_RES_SEARCH_RESULT
Dec 8 15:55:09 mg slapd[6529]: connection_get(39)

Note that the first line is saying LDAP_SYNC_ADD and not LDAP_SYNC_MODIFY once this user is already loaded.
Can anyone help us with this one?
Thanks in advance.
Gustavo