Hi,
I'm having trouble setting up syncrepl beetween 2 openldap 2.3.27 servers.
When I run the consumer with "full debug" I see that the data I want to replicate is transfered correctly, but the consumer "fails to store it". The sync ends with :
do_syncrep2: got search entry without control
Sync phase in the consumer logs :
=>do_syncrepl
=>do_syncrep2
ldap_result ld 0x819f6d0 msgid -1
ldap_chkResponseList ld 0x819f6d0 msgid -1 all 0
ldap_chkResponseList returns ld 0x819f6d0 NULL
wait4msg ld 0x819f6d0 msgid -1 (timeout 0 usec)
wait4msg continue ld 0x819f6d0 msgid -1 all 0
** ld 0x819f6d0 Connections:
* host: 172.24.239.122 port: 389 (default)
refcnt: 2 status: Connected
last used: Wed Oct 18 11:33:40 2006
** ld 0x819f6d0 Outstanding Requests:
* msgid 2, origid 2, status InProgress
outstanding referrals 0, parent count 0
** ld 0x819f6d0 Response Queue:
Empty
ldap_chkResponseList ld 0x819f6d0 msgid -1 all 0
ldap_chkResponseList returns ld 0x819f6d0 NULL
ldap_int_select
read1msg: ld 0x819f6d0 msgid -1 all 0
ber_get_next
ber_get_next: tag 0x30 len 692 contents:
read1msg: ld 0x819f6d0 msgid 2 message type search-entry
ber_scanf fmt ({xx) ber:
do_syncrep2: got search entry without control
My slapd.conf on consumer looks like :
backend bdb checkpoint 512 30
database bdb suffix "dc=actia,dc=com" directory "/var/lib/ldap" index objectClass,entryCSN,entryUUID eq lastmod on replogfile /var/lib/ldap/replog
# seems mandatory for syncrepl rootdn cn=admin,dc=actia,dc=com
access to attrs=userPassword by anonymous auth by self write by * none
access to dn.base="" by * read
access to * by * read
syncrepl rid=112 provider=ldap://172.24.239.122:389 type=refreshAndPersist interval=00:00:00:20 retry="5 +" searchbase="ou=Filiale2,dc=actia,dc=com" scope=one filter="(objectClass=posixAccount)" binddn="cn=syncuser,dc=actia,dc=com" bindmethod=simple credentials=synchro schemachecking=off
On the provider it looks like :
database bdb suffix "dc=actia,dc=com" directory "/var/lib/ldap" index objectClass,entryCSN,entryUUID eq lastmod on
access to attrs=userPassword by dn="cn=admin,dc=actia,dc=com" write by dn="cn=syncuser,dc=actia,dc=com" read by anonymous auth by self write by * none
access to dn.base="" by * read
access to * by dn="cn=admin,dc=actia,dc=com" write by * read
syncprov-checkpoint 100 10 syncprov-sessionlog 100
I would take any hint on why my data is transfered but not stored.
Thanks in advance, Thomas.
on the provider, the only log I get is :
slap_global_control: unrecognized control: 1.3.6.1.4.1.4203.1.9.1.1
On 10/18/06, Thomas Cataldo tcataldo@gmail.com wrote:
Hi,
I'm having trouble setting up syncrepl beetween 2 openldap 2.3.27 servers.
When I run the consumer with "full debug" I see that the data I want to replicate is transfered correctly, but the consumer "fails to store it". The sync ends with :
do_syncrep2: got search entry without control
I'm having trouble setting up syncrepl beetween 2 openldap 2.3.27 servers.
When I run the consumer with "full debug" I see that the data I want to replicate is transfered correctly, but the consumer "fails to store it". The sync ends with :
do_syncrep2: got search entry without control
...
On the provider it looks like :
...
syncprov-checkpoint 100 10 syncprov-sessionlog 100
It could be because you haven't loaded the syncprov overlay, i.e. put
overlay syncprov
before the options above.
Toby
Is this missing an "overlay syncprov"? I don't know if that's instantiated automatically. Compare against one of the tests (test018 or so) configs.
"slaptest -d config" on the provider might complain about the syncprov-* lines. I'm partially surprised that it even starts.
On the provider it looks like :
database bdb suffix "dc=actia,dc=com" directory "/var/lib/ldap" index objectClass,entryCSN,entryUUID eq lastmod on
access to attrs=userPassword by dn="cn=admin,dc=actia,dc=com" write by dn="cn=syncuser,dc=actia,dc=com" read by anonymous auth by self write by * none
access to dn.base="" by * read
access to * by dn="cn=admin,dc=actia,dc=com" write by * read
syncprov-checkpoint 100 10 syncprov-sessionlog 100
Ok, thank you :
I added
moduleload syncprov
and uncommented the "overlay syncprov " and replication started; Thanks a lot.
moduleload syncprov
You only need the above directive if you built slapd with module support, and slapo-syncprov(5) as a run-time loadable module, otherwise slapd (2.3) simply ignores it (but 2.4 will complain, and likely refuse to start)
and uncommented the "overlay syncprov " and replication started
This is what you were really missing.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it ------------------------------------------
Is this missing an "overlay syncprov"? I don't know if that's instantiated automatically. Compare against one of the tests (test018 or so) configs.
"slaptest -d config" on the provider might complain about the syncprov-* lines. I'm partially surprised that it even starts.
2.3 is not (yet) strict enough on unrecognized statements, while 2.4 will be as strict as possible (yes, we're doing our best to be prepared to "my slapd.conf full of 'foo bar' statements doesn't start any more").
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it ------------------------------------------
On Wednesday 18 October 2006 11:36, Thomas Cataldo wrote:
Hi,
I'm having trouble setting up syncrepl beetween 2 openldap 2.3.27 servers.
When I run the consumer with "full debug" I see that the data I want to replicate is transfered correctly, but the consumer "fails to store it". The sync ends with :
do_syncrep2: got search entry without control
Sync phase in the consumer logs :
=>do_syncrepl
=>do_syncrep2
ldap_result ld 0x819f6d0 msgid -1
ldap_chkResponseList ld 0x819f6d0 msgid -1 all 0
ldap_chkResponseList returns ld 0x819f6d0 NULL
wait4msg ld 0x819f6d0 msgid -1 (timeout 0 usec)
wait4msg continue ld 0x819f6d0 msgid -1 all 0
** ld 0x819f6d0 Connections:
host: 172.24.239.122 port: 389 (default)
refcnt: 2 status: Connected
last used: Wed Oct 18 11:33:40 2006
** ld 0x819f6d0 Outstanding Requests:
msgid 2, origid 2, status InProgress
outstanding referrals 0, parent count 0
** ld 0x819f6d0 Response Queue:
Empty
ldap_chkResponseList ld 0x819f6d0 msgid -1 all 0
ldap_chkResponseList returns ld 0x819f6d0 NULL
ldap_int_select
read1msg: ld 0x819f6d0 msgid -1 all 0
ber_get_next
ber_get_next: tag 0x30 len 692 contents:
read1msg: ld 0x819f6d0 msgid 2 message type search-entry
ber_scanf fmt ({xx) ber:
do_syncrep2: got search entry without control
My slapd.conf on consumer looks like :
backend bdb checkpoint 512 30
database bdb suffix "dc=actia,dc=com" directory "/var/lib/ldap" index objectClass,entryCSN,entryUUID eq lastmod on replogfile /var/lib/ldap/replog
# seems mandatory for syncrepl rootdn cn=admin,dc=actia,dc=com
access to attrs=userPassword by anonymous auth by self write by * none
access to dn.base="" by * read
access to * by * read
syncrepl rid=112 provider=ldap://172.24.239.122:389 type=refreshAndPersist interval=00:00:00:20 retry="5 +" searchbase="ou=Filiale2,dc=actia,dc=com" scope=one filter="(objectClass=posixAccount)" binddn="cn=syncuser,dc=actia,dc=com" bindmethod=simple credentials=synchro schemachecking=off
On the provider it looks like :
database bdb suffix "dc=actia,dc=com" directory "/var/lib/ldap" index objectClass,entryCSN,entryUUID eq lastmod on
access to attrs=userPassword by dn="cn=admin,dc=actia,dc=com" write by dn="cn=syncuser,dc=actia,dc=com" read by anonymous auth by self write by * none
access to dn.base="" by * read
access to * by dn="cn=admin,dc=actia,dc=com" write by * read
Surely you need:
overlay syncprov
before the next lines:
syncprov-checkpoint 100 10 syncprov-sessionlog 100
I would take any hint on why my data is transfered but not stored.
Also, you haven't provided your syncuser with unlimited (size/time) access, which you most likely want to do.
Regards, Buchan
Thomas Cataldo wrote:
Hi,
I'm having trouble setting up syncrepl beetween 2 openldap 2.3.27 servers.
When I run the consumer with "full debug" I see that the data I want to replicate is transfered correctly, but the consumer "fails to store it". The sync ends with :
do_syncrep2: got search entry without control
This means the provider is not configured correctly, otherwise it would have sent the correct (sync) control.
On the provider it looks like :
You're missing the "overlay syncprov" directive, so there is no sync provider here.
database bdb suffix "dc=actia,dc=com" directory "/var/lib/ldap" index objectClass,entryCSN,entryUUID eq lastmod on
access to attrs=userPassword by dn="cn=admin,dc=actia,dc=com" write by dn="cn=syncuser,dc=actia,dc=com" read by anonymous auth by self write by * none
access to dn.base="" by * read
access to * by dn="cn=admin,dc=actia,dc=com" write by * read
syncprov-checkpoint 100 10 syncprov-sessionlog 100
I would take any hint on why my data is transfered but not stored.
openldap-software@openldap.org
-
Aaron Richton -
Buchan Milne -
Howard Chu -
Pierangelo Masarati -
Thomas Cataldo -
Toby Blake