Hello,
I'm having a problem with 2 OpenLDAP (ver 2.4.21) servers acting as "master" and "slave" using "refresh and persist" synchronization.
When both servers are up, all changes get replicated (including deletes); however, when the slave is down and objects get deleted on the master, they are not deleted on the slave after it comes up.
Also, an interesting issue I noticed: deleting an object on the master doesn't change the server's contextCSN, so this could be related to the problem I have.
What can be done about this situation?
Configs follow:
Master:
dn: cn=module{0}
objectClass: olcModuleList
cn: module{0}
olcModuleLoad: {0}syncprov.la
olcModuleLoad: {1}memberof.la
structuralObjectClass: olcModuleList
creatorsName: cn=config
entryUUID: b4dec246-8d67-102d-9827-65d8858906d8
createTimestamp: 20090212154358Z
entryCSN: 20090212154358.261980Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20090212154358Z

dn: olcOverlay={1}syncprov
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {1}syncprov
olcSpSessionlog: 100
entryUUID: ad98aace-8b05-102d-8b73-fd81f30554e6
creatorsName: cn=config
createTimestamp: 20090209145713Z
structuralObjectClass: olcSyncProvConfig
olcSpCheckpoint: 100 1
entryCSN: 20091104130358.860872Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20091104130358Z

dn: cn=config
objectClass: olcGlobal
cn: config
olcConfigFile: slapd.conf.1
olcConfigDir: slapd.d
olcArgsFile: /var/run/openldap/slapd.args
olcAttributeOptions: lang-
olcConcurrency: 0
olcConnMaxPending: 100
olcConnMaxPendingAuth: 1000
olcGentleHUP: FALSE
olcIdleTimeout: 0
olcIndexSubstrIfMaxLen: 4
olcIndexSubstrIfMinLen: 2
olcIndexSubstrAnyLen: 4
olcIndexSubstrAnyStep: 2
olcIndexIntLen: 4
olcLocalSSF: 71
olcPidFile: /var/run/openldap/slapd.pid
olcReadOnly: FALSE
olcReverseLookup: FALSE
olcSaslSecProps: noplain,noanonymous
olcSockbufMaxIncoming: 262143
olcSockbufMaxIncomingAuth: 16777215
olcThreads: 16
olcTLSCRLCheck: none
olcTLSVerifyClient: never
olcToolThreads: 1
structuralObjectClass: olcGlobal
creatorsName: cn=config
entryUUID: b4deb404-8d67-102d-9826-65d8858906d8
createTimestamp: 20090212154358Z
olcSaslHost: ldap-test1.carina.griddynamics.net
olcLogLevel: 0
olcAuthzPolicy: to
olcAuthzRegexp: {0}uid=([^@]*)[@,].*cn=digest-md5,cn=auth ldap:///dc=griddynamics,dc=net??sub?(uid=$1)
olcSizeLimit: 10000
olcServerID: 1 ldap://ldap-test1.carina.griddynamics.net
entryCSN: 20091121171118.965511Z#000000#002#000000
modifiersName: cn=config
modifyTimestamp: 20091121171118Z
contextCSN: 20100121080100.534901Z#000000#001#000000

dn: olcDatabase={2}bdb
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: {2}bdb
olcDbDirectory: /var/lib/ldap/griddynamics.net
olcSuffix: dc=griddynamics,dc=net
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=Manager,dc=griddynamics,dc=net
olcMonitoring: TRUE
olcDbDirtyRead: FALSE
olcDbLinearIndex: FALSE
olcDbMode: 384
olcDbSearchStack: 16
olcDbShmKey: 0
olcDbCacheFree: 1
olcDbDNcacheSize: 0
entryUUID: acc152ea-8b05-102d-8b71-fd81f30554e6
creatorsName: cn=config
createTimestamp: 20090209145711Z
structuralObjectClass: olcBdbConfig
olcRootPW:: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
olcAccess: {0}to attrs=userPassword,userPKCS12,sambaLMPassword,sambaNTPassword by sockurl.regex="^ldapi:///$" write by group.exact="cn=noc,ou=groups,dc=griddynamics,dc=net" write by self write by anonymous auth
olcAccess: {1}to attrs=shadowLastChange by sockurl.regex="^ldapi:///$" write by group.exact="cn=noc,ou=groups,dc=griddynamics,dc=net" write by self write by * read
olcAccess: {2}to * by sockurl.regex="^ldapi:///$" write by group.exact="cn=noc,ou=groups,dc=griddynamics,dc=net" write by self write by * read
olcDbIndex: default eq
olcDbIndex: objectClass,entryUUID,entryCSN
olcDbIndex: cn pres,eq,sub
olcDbIndex: uid pres,eq,sub
olcDbIndex: uidNumber pres,eq
olcDbIndex: gidNumber pres,eq
olcDbIndex: memberOf pres,eq
olcDbIndex: ou pres,eq,sub
olcDbIndex: mail pres,eq,sub
olcDbIndex: loginShell pres,eq
olcDbIndex: sn pres,eq,sub
olcDbIndex: givenName pres,eq,sub
olcDbIndex: memberUid pres,eq
olcDbIndex: nisMapName pres,eq,sub
olcDbIndex: nisMapEntry pres,eq,sub
olcDbIndex: uniqueMember pres,eq
olcDbIndex: gosaObject pres,eq
olcDbIndex: zoneName pres,eq
olcDbIndex: relativeDomainName pres,eq
olcDbIndex: member pres,eq
olcDbIndex: dhcpPrimaryDN pres,eq
olcDbIndex: dhcpSecondaryDN pres,eq
olcDbIndex: dhcpServerDN pres,eq
olcDbIndex: dhcpFailOverPeerDN pres,eq
olcDbIndex: dhcpHWAddress pres,eq
olcDbNoSync: TRUE
olcDbCheckpoint: 1024 5
olcDbCacheSize: 5000
olcDbIDLcacheSize: 5000
olcSyncrepl: {0}rid=001 provider=ldap://ldap-test1.carina.griddynamics.net bindmethod=simple timeout=1 network-timeout=0 binddn="cn=manager,dc=griddynamics,dc=net" credentials="xxxxxxxxxxx" starttls=no filter="(objectclass=*)" searchbase="dc=griddynamics,dc=net" scope=sub schemachecking=off type=refreshAndPersist retry="10 +"
olcDbConfig: {0}set_flags DB_LOG_AUTOREMOVE
olcDbConfig: {1}set_cachesize 0 33554432 0
entryCSN: 20091121172900.646924Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20091121172900Z

Slave:
dn: cn=module{0}
objectClass: olcModuleList
cn: module{0}
olcModuleLoad: {0}syncprov.la
olcModuleLoad: {1}memberof.la
structuralObjectClass: olcModuleList
creatorsName: cn=config
entryUUID: b4dec246-8d67-102d-9827-65d8858906d8
createTimestamp: 20090212154358Z
entryCSN: 20090212154358.261980Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20090212154358Z

dn: olcOverlay={1}syncprov
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {1}syncprov
olcSpSessionlog: 100
entryUUID: ad98aace-8b05-102d-8b73-fd81f30554e6
creatorsName: cn=config
createTimestamp: 20090209145713Z
structuralObjectClass: olcSyncProvConfig
olcSpCheckpoint: 100 1
entryCSN: 20091104130358.860872Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20091104130358Z

dn: cn=config
objectClass: olcGlobal
cn: config
olcConfigFile: slapd.conf.1
olcConfigDir: slapd.d
olcArgsFile: /var/run/openldap/slapd.args
olcAttributeOptions: lang-
olcConcurrency: 0
olcConnMaxPending: 100
olcConnMaxPendingAuth: 1000
olcGentleHUP: FALSE
olcIdleTimeout: 0
olcIndexSubstrIfMaxLen: 4
olcIndexSubstrIfMinLen: 2
olcIndexSubstrAnyLen: 4
olcIndexSubstrAnyStep: 2
olcIndexIntLen: 4
olcLocalSSF: 71
olcPidFile: /var/run/openldap/slapd.pid
olcReadOnly: FALSE
olcReverseLookup: FALSE
olcSaslSecProps: noplain,noanonymous
olcSockbufMaxIncoming: 262143
olcSockbufMaxIncomingAuth: 16777215
olcThreads: 16
olcTLSCRLCheck: none
olcTLSVerifyClient: never
olcToolThreads: 1
structuralObjectClass: olcGlobal
creatorsName: cn=config
entryUUID: b4deb404-8d67-102d-9826-65d8858906d8
createTimestamp: 20090212154358Z
olcSaslHost: ldap-test1.carina.griddynamics.net
olcLogLevel: 0
olcAuthzPolicy: to
olcAuthzRegexp: {0}uid=([^@]*)[@,].*cn=digest-md5,cn=auth ldap:///dc=griddynamics,dc=net??sub?(uid=$1)
olcSizeLimit: 10000
olcServerID: 1 ldap://ldap-test1.carina.griddynamics.net
entryCSN: 20091121171118.965511Z#000000#002#000000
modifiersName: cn=config
modifyTimestamp: 20091121171118Z
contextCSN: 20100121080100.534901Z#000000#001#000000

dn: olcDatabase={2}bdb
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: {2}bdb
olcDbDirectory: /var/lib/ldap/griddynamics.net
olcSuffix: dc=griddynamics,dc=net
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=Manager,dc=griddynamics,dc=net
olcMonitoring: TRUE
olcDbDirtyRead: FALSE
olcDbLinearIndex: FALSE
olcDbMode: 384
olcDbSearchStack: 16
olcDbShmKey: 0
olcDbCacheFree: 1
olcDbDNcacheSize: 0
entryUUID: acc152ea-8b05-102d-8b71-fd81f30554e6
creatorsName: cn=config
createTimestamp: 20090209145711Z
structuralObjectClass: olcBdbConfig
olcRootPW:: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
olcAccess: {0}to attrs=userPassword,userPKCS12,sambaLMPassword,sambaNTPassword by sockurl.regex="^ldapi:///$" write by group.exact="cn=noc,ou=groups,dc=griddynamics,dc=net" write by self write by anonymous auth
olcAccess: {1}to attrs=shadowLastChange by sockurl.regex="^ldapi:///$" write by group.exact="cn=noc,ou=groups,dc=griddynamics,dc=net" write by self write by * read
olcAccess: {2}to * by sockurl.regex="^ldapi:///$" write by group.exact="cn=noc,ou=groups,dc=griddynamics,dc=net" write by self write by * read
olcDbIndex: default eq
olcDbIndex: objectClass,entryUUID,entryCSN
olcDbIndex: cn pres,eq,sub
olcDbIndex: uid pres,eq,sub
olcDbIndex: uidNumber pres,eq
olcDbIndex: gidNumber pres,eq
olcDbIndex: memberOf pres,eq
olcDbIndex: ou pres,eq,sub
olcDbIndex: mail pres,eq,sub
olcDbIndex: loginShell pres,eq
olcDbIndex: sn pres,eq,sub
olcDbIndex: givenName pres,eq,sub
olcDbIndex: memberUid pres,eq
olcDbIndex: nisMapName pres,eq,sub
olcDbIndex: nisMapEntry pres,eq,sub
olcDbIndex: uniqueMember pres,eq
olcDbIndex: gosaObject pres,eq
olcDbIndex: zoneName pres,eq
olcDbIndex: relativeDomainName pres,eq
olcDbIndex: member pres,eq
olcDbIndex: dhcpPrimaryDN pres,eq
olcDbIndex: dhcpSecondaryDN pres,eq
olcDbIndex: dhcpServerDN pres,eq
olcDbIndex: dhcpFailOverPeerDN pres,eq
olcDbIndex: dhcpHWAddress pres,eq
olcDbNoSync: TRUE
olcDbCheckpoint: 1024 5
olcDbCacheSize: 5000
olcDbIDLcacheSize: 5000
olcSyncrepl: {0}rid=001 provider=ldap://ldap-test1.carina.griddynamics.net bindmethod=simple timeout=1 network-timeout=0 binddn="cn=manager,dc=griddynamics,dc=net" credentials="xxxxxxxxxxx" starttls=no filter="(objectclass=*)" searchbase="dc=griddynamics,dc=net" scope=sub schemachecking=off type=refreshAndPersist retry="10 +"
olcDbConfig: {0}set_flags DB_LOG_AUTOREMOVE
olcDbConfig: {1}set_cachesize 0 33554432 0
entryCSN: 20091121172900.646924Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20091121172900Z
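
Added example (not part of the original post, and not OpenLDAP project code): a way to measure the drift described above by comparing entryUUIDs from an LDIF export of each server, so that entries deleted on the master but still present on the slave (for instance removed accounts that can still bind there) are listed by DN. The two LDIF samples and the dc=example,dc=net names are constructed for illustration; the post reports that a delete did not change contextCSN, so the script compares entries rather than relying on contextCSN alone.

```python
# Added example: find entries that survive on a syncrepl consumer after being
# deleted on the provider, by comparing entryUUIDs from two LDIF exports.
# Both LDIF samples are constructed; names under dc=example,dc=net are made up.

PROVIDER_LDIF = """\
dn: dc=example,dc=net
entryUUID: 11111111-0000-1000-8000-000000000001
contextCSN: 20100121080100.534901Z#000000#001#000000

dn: uid=alice,ou=people,dc=example,dc=net
entryUUID: 11111111-0000-1000-8000-
 000000000002
"""

# The consumer still holds uid=bob, which no longer exists on the provider.
CONSUMER_LDIF = PROVIDER_LDIF + """
dn: uid=bob,ou=people,dc=example,dc=net
entryUUID: 11111111-0000-1000-8000-000000000003
"""


def parse_ldif(text):
    """Return a list of entries, each a dict of lower-cased attr -> [values]."""
    # LDIF folding: a line starting with one space continues the previous line.
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    entries = []
    for block in unfolded.split("\n\n"):
        entry = {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            attr, _, value = line.partition(":")
            # Base64 values ("attr:: ...") are kept encoded, which is enough here.
            entry.setdefault(attr.lower(), []).append(value.lstrip(": "))
        if "dn" in entry:
            entries.append(entry)
    return entries


def stale_on_consumer(provider_text, consumer_text):
    """DNs whose entryUUID exists on the consumer but not on the provider."""
    known = {e["entryuuid"][0] for e in parse_ldif(provider_text) if "entryuuid" in e}
    return sorted(e["dn"][0] for e in parse_ldif(consumer_text)
                  if "entryuuid" in e and e["entryuuid"][0] not in known)


def context_csns(text):
    """All contextCSN values in the export (normally held on the suffix entry)."""
    return sorted(v for e in parse_ldif(text) for v in e.get("contextcsn", []))


if __name__ == "__main__":
    print("stale:", stale_on_consumer(PROVIDER_LDIF, CONSUMER_LDIF))
    print("same contextCSN:", context_csns(PROVIDER_LDIF) == context_csns(CONSUMER_LDIF))
```

In the constructed data the contextCSN values match on both sides while one stale entry remains, which is the situation the post describes.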