Hello,

I'm having problem with 2 OpenLDAP (ver 2.4.21) servers acting as "master" and "slave" using "refresh and persist" synchronization.
When both servers are up, all changes get replicated (including deletes), however when slave is down and objects get deleted on master, they are not deleted on the slave after it comes up.
Also, an interesting issue I noticed, deleting object on master doesn't change the servers contextCSN, so this could be related to the problem I have.

What can be done about this situation ?

Configs follow:



Master:


dn: cn=module{0}
objectClass: olcModuleList
cn: module{0}
olcModuleLoad: {0}syncprov.la
olcModuleLoad: {1}memberof.la
structuralObjectClass: olcModuleList
creatorsName: cn=config
entryUUID: b4dec246-8d67-102d-9827-
65d8858906d8
createTimestamp: 20090212154358Z
entryCSN: 20090212154358.261980Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20090212154358Z

dn: olcOverlay={1}syncprov
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {1}syncprov
olcSpSessionlog: 100
entryUUID: ad98aace-8b05-102d-8b73-fd81f30554e6
creatorsName: cn=config
createTimestamp: 20090209145713Z
structuralObjectClass: olcSyncProvConfig
olcSpCheckpoint: 100 1
entryCSN: 20091104130358.860872Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20091104130358Z

dn: cn=config
objectClass: olcGlobal
cn: config
olcConfigFile: slapd.conf.1
olcConfigDir: slapd.d
olcArgsFile: /var/run/openldap/slapd.args
olcAttributeOptions: lang-
olcConcurrency: 0
olcConnMaxPending: 100
olcConnMaxPendingAuth: 1000
olcGentleHUP: FALSE
olcIdleTimeout: 0
olcIndexSubstrIfMaxLen: 4
olcIndexSubstrIfMinLen: 2
olcIndexSubstrAnyLen: 4
olcIndexSubstrAnyStep: 2
olcIndexIntLen: 4
olcLocalSSF: 71
olcPidFile: /var/run/openldap/slapd.pid
olcReadOnly: FALSE
olcReverseLookup: FALSE
olcSaslSecProps: noplain,noanonymous
olcSockbufMaxIncoming: 262143
olcSockbufMaxIncomingAuth: 16777215
olcThreads: 16
olcTLSCRLCheck: none
olcTLSVerifyClient: never
olcToolThreads: 1
structuralObjectClass: olcGlobal
creatorsName: cn=config
entryUUID: b4deb404-8d67-102d-9826-65d8858906d8
createTimestamp: 20090212154358Z
olcSaslHost: ldap-test1.carina.griddynamics.net
olcLogLevel: 0
olcAuthzPolicy: to
olcAuthzRegexp: {0}uid=([^@]*)[@,].*cn=digest-md5,cn=auth
ldap:///dc=griddynam
 ics,dc=net??sub?(uid=$1)
olcSizeLimit: 10000
olcServerID: 1 ldap://ldap-test1.carina.griddynamics.net
entryCSN: 20091121171118.965511Z#000000#002#000000
modifiersName: cn=config
modifyTimestamp: 20091121171118Z
contextCSN: 20100121080100.534901Z#000000#001#000000

dn: olcDatabase={2}bdb
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: {2}bdb
olcDbDirectory: /var/lib/ldap/griddynamics.net
olcSuffix: dc=griddynamics,dc=net
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=Manager,dc=griddynamics,dc=net
olcMonitoring: TRUE
olcDbDirtyRead: FALSE
olcDbLinearIndex: FALSE
olcDbMode: 384
olcDbSearchStack: 16
olcDbShmKey: 0
olcDbCacheFree: 1
olcDbDNcacheSize: 0
entryUUID: acc152ea-8b05-102d-8b71-fd81f30554e6
creatorsName: cn=config
createTimestamp: 20090209145711Z
structuralObjectClass: olcBdbConfig
olcRootPW:: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
olcAccess: {0}to
attrs=userPassword,userPKCS12,sambaLMPassword,sambaNTPassword
   by sockurl.regex="^ldapi:///$" write by
group.exact="cn=noc,ou=groups,dc=gr
 iddynamics,dc=net" write  by self write  by anonymous auth
olcAccess: {1}to attrs=shadowLastChange  by sockurl.regex="^ldapi:///$"
write
  by group.exact="cn=noc,ou=groups,dc=griddynamics,dc=net"  write  by
self wri
 te  by * read
olcAccess: {2}to *  by sockurl.regex="^ldapi:///$" write  by
group.exact="cn=n
 oc,ou=groups,dc=griddynamics,dc=net" write  by self write  by * read
olcDbIndex: default eq
olcDbIndex: objectClass,entryUUID,entryCSN
olcDbIndex: cn pres,eq,sub
olcDbIndex: uid pres,eq,sub
olcDbIndex: uidNumber pres,eq
olcDbIndex: gidNumber pres,eq
olcDbIndex: memberOf pres,eq
olcDbIndex: ou pres,eq,sub
olcDbIndex: mail pres,eq,sub
olcDbIndex: loginShell pres,eq
olcDbIndex: sn pres,eq,sub
olcDbIndex: givenName pres,eq,sub
olcDbIndex: memberUid pres,eq
olcDbIndex: nisMapName pres,eq,sub
olcDbIndex: nisMapEntry pres,eq,sub
olcDbIndex: uniqueMember pres,eq
olcDbIndex: gosaObject pres,eq
olcDbIndex: zoneName pres,eq
olcDbIndex: relativeDomainName pres,eq
olcDbIndex: member pres,eq
olcDbIndex: dhcpPrimaryDN pres,eq
olcDbIndex: dhcpSecondaryDN pres,eq
olcDbIndex: dhcpServerDN  pres,eq
olcDbIndex: dhcpFailOverPeerDN   pres,eq
olcDbIndex: dhcpHWAddress pres,eq
olcDbNoSync: TRUE
olcDbCheckpoint: 1024 5
olcDbCacheSize: 5000
olcDbIDLcacheSize: 5000
olcSyncrepl: {0}rid=001
provider=ldap://ldap-test1.carina.griddynamics.net bindmetho
 d=simple timeout=1 network-timeout=0
binddn="cn=manager,dc=griddynamics,dc=ne
 t" credentials="xxxxxxxxxxx" starttls=no filter="(objectclass=*)"
searchbase="dc
 =griddynamics,dc=net" scope=sub schemachecking=off
type=refreshAndPersist ret
 ry="10 +"
olcDbConfig: {0}set_flags DB_LOG_AUTOREMOVE
olcDbConfig: {1}set_cachesize 0 33554432 0
entryCSN: 20091121172900.646924Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20091121172900Z


Slave:

dn: cn=module{0}
objectClass: olcModuleList
cn: module{0}
olcModuleLoad: {0}syncprov.la
olcModuleLoad: {1}memberof.la
structuralObjectClass: olcModuleList
creatorsName: cn=config
entryUUID: b4dec246-8d67-102d-9827-65d8858906d8
createTimestamp: 20090212154358Z
entryCSN: 20090212154358.261980Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20090212154358Z

dn: olcOverlay={1}syncprov
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {1}syncprov
olcSpSessionlog: 100
entryUUID: ad98aace-8b05-102d-8b73-fd81f30554e6
creatorsName: cn=config
createTimestamp: 20090209145713Z
structuralObjectClass: olcSyncProvConfig
olcSpCheckpoint: 100 1
entryCSN: 20091104130358.860872Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20091104130358Z

dn: cn=config
objectClass: olcGlobal
cn: config
olcConfigFile: slapd.conf.1
olcConfigDir: slapd.d
olcArgsFile: /var/run/openldap/slapd.args
olcAttributeOptions: lang-
olcConcurrency: 0
olcConnMaxPending: 100
olcConnMaxPendingAuth: 1000
olcGentleHUP: FALSE
olcIdleTimeout: 0
olcIndexSubstrIfMaxLen: 4
olcIndexSubstrIfMinLen: 2
olcIndexSubstrAnyLen: 4
olcIndexSubstrAnyStep: 2
olcIndexIntLen: 4
olcLocalSSF: 71
olcPidFile: /var/run/openldap/slapd.pid
olcReadOnly: FALSE
olcReverseLookup: FALSE
olcSaslSecProps: noplain,noanonymous
olcSockbufMaxIncoming: 262143
olcSockbufMaxIncomingAuth: 16777215
olcThreads: 16
olcTLSCRLCheck: none
olcTLSVerifyClient: never
olcToolThreads: 1
structuralObjectClass: olcGlobal
creatorsName: cn=config
entryUUID: b4deb404-8d67-102d-9826-65d8858906d8
createTimestamp: 20090212154358Z
olcSaslHost: ldap-test1.carina.griddynamics.net
olcLogLevel: 0
olcAuthzPolicy: to
olcAuthzRegexp: {0}uid=([^@]*)[@,].*cn=digest-md5,cn=auth
ldap:///dc=griddynam
 ics,dc=net??sub?(uid=$1)
olcSizeLimit: 10000
olcServerID: 1 ldap://ldap-test1.carina.griddynamics.net
entryCSN: 20091121171118.965511Z#000000#002#000000
modifiersName: cn=config
modifyTimestamp: 20091121171118Z
contextCSN: 20100121080100.534901Z#000000#001#000000

dn: olcDatabase={2}bdb
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: {2}bdb
olcDbDirectory: /var/lib/ldap/griddynamics.net
olcSuffix: dc=griddynamics,dc=net
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=Manager,dc=griddynamics,dc=net
olcMonitoring: TRUE
olcDbDirtyRead: FALSE
olcDbLinearIndex: FALSE
olcDbMode: 384
olcDbSearchStack: 16
olcDbShmKey: 0
olcDbCacheFree: 1
olcDbDNcacheSize: 0
entryUUID: acc152ea-8b05-102d-8b71-fd81f30554e6
creatorsName: cn=config
createTimestamp: 20090209145711Z
structuralObjectClass: olcBdbConfig
olcRootPW:: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
olcAccess: {0}to
attrs=userPassword,userPKCS12,sambaLMPassword,sambaNTPassword
   by sockurl.regex="^ldapi:///$" write by
group.exact="cn=noc,ou=groups,dc=gr
 iddynamics,dc=net" write  by self write  by anonymous auth
olcAccess: {1}to attrs=shadowLastChange  by sockurl.regex="^ldapi:///$"
write
  by group.exact="cn=noc,ou=groups,dc=griddynamics,dc=net"  write  by
self wri
 te  by * read
olcAccess: {2}to *  by sockurl.regex="^ldapi:///$" write  by
group.exact="cn=n
 oc,ou=groups,dc=griddynamics,dc=net" write  by self write  by * read
olcDbIndex: default eq
olcDbIndex: objectClass,entryUUID,entryCSN
olcDbIndex: cn pres,eq,sub
olcDbIndex: uid pres,eq,sub
olcDbIndex: uidNumber pres,eq
olcDbIndex: gidNumber pres,eq
olcDbIndex: memberOf pres,eq
olcDbIndex: ou pres,eq,sub
olcDbIndex: mail pres,eq,sub
olcDbIndex: loginShell pres,eq
olcDbIndex: sn pres,eq,sub
olcDbIndex: givenName pres,eq,sub
olcDbIndex: memberUid pres,eq
olcDbIndex: nisMapName pres,eq,sub
olcDbIndex: nisMapEntry pres,eq,sub
olcDbIndex: uniqueMember pres,eq
olcDbIndex: gosaObject pres,eq
olcDbIndex: zoneName pres,eq
olcDbIndex: relativeDomainName pres,eq
olcDbIndex: member pres,eq
olcDbIndex: dhcpPrimaryDN pres,eq
olcDbIndex: dhcpSecondaryDN pres,eq
olcDbIndex: dhcpServerDN  pres,eq
olcDbIndex: dhcpFailOverPeerDN   pres,eq
olcDbIndex: dhcpHWAddress pres,eq
olcDbNoSync: TRUE
olcDbCheckpoint: 1024 5
olcDbCacheSize: 5000
olcDbIDLcacheSize: 5000
olcSyncrepl: {0}rid=001
provider=ldap://ldap-test1.carina.griddynamics.net bindmetho
 d=simple timeout=1 network-timeout=0
binddn="cn=manager,dc=griddynamics,dc=ne
 t" credentials="xxxxxxxxxxx" starttls=no filter="(objectclass=*)"
searchbase="dc
 =griddynamics,dc=net" scope=sub schemachecking=off
type=refreshAndPersist ret
 ry="10 +"
olcDbConfig: {0}set_flags DB_LOG_AUTOREMOVE
olcDbConfig: {1}set_cachesize 0 33554432 0
entryCSN: 20091121172900.646924Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20091121172900Z