I have 3 ldap server's.
One master and two slave.
From master to one slave replica passes successeful, but to another slave replica not pass.
Config slapd on both slave the same, but version openldap different. (2.3.19 and 2.3.27). Version master openldap - 2.3.11.
Problem with version?
P.S. During replica i have next error message: "ERROR: Constraint violation: entryCNS: no user modification allowed"
Paul Shevtsov wrote:
I have 3 ldap server's. One master and two slave. From master to one slave replica passes successeful, but to another slave replica not pass. Config slapd on both slave the same, but version openldap different. (2.3.19 and 2.3.27). Version master openldap - 2.3.11. Problem with version? P.S. During replica i have next error message: "ERROR: Constraint violation: entryCNS: no user modification allowed"
Assuming you're using slurpd, I guess the second replica is missing the updatedn directive. See slapd.conf(5) for details, and the Admin Guide for a general discussion of replication.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it ------------------------------------------
On Sat, Nov 11, 2006 at 04:57:15PM +0100, Pierangelo Masarati wrote:
Paul Shevtsov wrote:
I have 3 ldap server's. One master and two slave. From master to one slave replica passes successeful, but to another slave replica not pass. Config slapd on both slave the same, but version openldap different. (2.3.19 and 2.3.27). Version master openldap - 2.3.11. Problem with version? P.S. During replica i have next error message: "ERROR: Constraint violation: entryCNS: no user modification allowed"Assuming you're using slurpd, I guess the second replica is missing the updatedn directive. See slapd.conf(5) for details, and the Admin Guide for a general discussion of replication.
p.
Ok. I fixed this promlem. updatedn on slave was not equal updaetdn on master. But i have next problem. Replica from slave not pass to master. On slvae i have message "referral=" master.site:38" and silence...
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it
Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it
Paul Shevtsov wrote:
Ok. I fixed this promlem. updatedn on slave was not equal updaetdn on master.
There's supposed to be no "updatedn" on the master; I assume you mean the "binddn" in the "replica" statement.
But i have next problem.Replica from slave not pass to master. On slvae i have message "referral=" master.site:38" and silence...
"master.site:38" is not a valid referral URI. In any case, the slave is not supposed to pass anything to the master; it's supposed to return a referral when anyone tries to write on it.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it ------------------------------------------
Paul Shevtsov wrote:
Ok. I fixed this promlem. updatedn on slave was not equal updaetdn on master.There's supposed to be no "updatedn" on the master; I assume you mean the "binddn" in the "replica" statement.
:)
But i have next problem.Replica from slave not pass to master. On slvae i have message "referral=" master.site:38" and silence...
"master.site:38" is not a valid referral URI. In any case, the slave is not supposed to pass anything to the master; it's supposed to return a referral when anyone tries to write on it.
p.
Sorry ... i write wrong message, yes certainly this was "referral="master.site:389" I remake replica from slurp to synrepl, it work fine from master to slave but i again have problem write changes from slave to master ---------------------------slave conf-----------------------------------
syncrepl rid=123 provider=ldap://ldap.dgb.local:389 type=refreshOnly interval=00:00:05:00 searchbase="ou=users,dc=dgb,dc=local" scope=sub attrs="*" schemacheking=off updatedn "cn=syncuser,dc=dgb,dc=local" bindmethod=simple binddn="cn=syncuser,dc=dgb,dc=local" credentials=******* updateref ldap://ldap.dgb.local:389 ------------------------------------------------------------------------- I try from differnt client
ldapadd return message from slave - "ldap_add: Referral (10) referrals: ldap://ldap.dgb.local/uid=bbb1,ou=user,dc=dgb,dc=local" LDAP Admin from windows return message from master
"text=modifications require authentication".
???
P.S. I got crash master slapd when i try syncreplica with type=refreshAndPersist. refreshOnly - work fine. P.P.S. Sorry - but english not mine native language. :)
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it
Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it
Paul Shevtsov wrote:
"master.site:38" is not a valid referral URI.
Sorry ... i write wrong message, yes certainly this was "referral="master.site:389" I remake replica from slurp to synrepl, it work fine from master to slave but i again have problem write changes from slave to master
You got me wrong: the problem is not the port, it's the URI; "master.site:<anyport>" is not a valid URI
updateref ldap://ldap.dgb.local:389
This is a valid URI.
I try from differnt client ldapadd return message from slave - "ldap_add: Referral (10) referrals: ldap://ldap.dgb.local/uid=bbb1,ou=user,dc=dgb,dc=local"LDAP Admin from windows return message from master
"text=modifications require authentication".
Apparently, your client tries to chase referrals anonymously, and this fails as expected. I don't see any software malfunction here (on the OpenLDAP side, at least); there might be a missing or misimplemented feature in the client, though.
??? P.S. I got crash master slapd when i try syncreplica with type=refreshAndPersist. refreshOnly - work fine.
That's a completely different business. I gather from your initial message that your master is 2.3.11. As the current release is 2.3.30, and the CHANGES reports a huge number of fixes and improvements to sync replication, I suggest you upgrade before proceeding any further with syncrepl.
p.
openldap-software@openldap.org
-
Paul Shevtsov -
Pierangelo Masarati