Hi
I'm trying to set up at new ldap-cluster (openldap 2.4.9 on Ubuntu 8.04). I have splitt the DIT into two dbs, where I have a ou=system under the base that is a subordinate db to the top db. Both dbs is on the same server. What I am wondering is where I should insert the replication information. I tired to put the replication information under the top db on the master and under the top db on the slave. What happens is that information is replicated between the top dbs, but not the subordinates (master to server). I tried adding an additional rid on the subordinate db on the slave and this made the replication work for the subordniate also. But when I the tested with a reboot of the servers the base became corrupt and I had to install everything all over again. Could someone confirm that the replication information should be under the top db on the provider and under both dbs on the consumer?
*********************** * Slapd.conf provider: * *********************** modulepath /usr/lib/ldap moduleload back_hdb moduleload back_monitor moduleload back_bdb moduleload syncprov moduleload accesslog
---------SUBORDINATE---- database hdb
suffix "ou=system,dc=......,dc=com" limits dn.exact="cn=replicator,dc=......,dc=com" size=unlimited time=unlimited
subordinate
index entryUUID,entryCSN eq
access to * by dn="cn=replicator,dc=.....,dc=com" read by peername.ip=127.0.0.1 read by * none
--------ACCESSLOG-----
database hdb rootdn "cn=accesslog"
overlay syncprov syncprov-nopresent TRUE syncprov-reloadhint TRUE limits dn.exact="cn=replicator,dc=.....,dc=com" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited
index default eq index entryCSN,objectClass,reqEnd,reqResult,reqStart eq
--------TOP----- database hdb
suffix "dc=.....,dc=com"
rootdn "cn=Manager,dc=....,dc=com" rootpw verysecret
### Replikerings-innstillinger ### overlay glue overlay syncprov syncprov-checkpoint 1000 60
# accesslog overlay definitions for primary db overlay accesslog logdb cn=accesslog logops writes logsuccess TRUE logpurge 07+00:00 01+00:00
# Let the replicator DN have limitless searches limits dn.exact="cn=replicator,dc=....,dc=com" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited
index entryUUID eq
lastmod on
access to * by peername.ip=127.0.0.1 read by ssf=128 users read by * none
*********************************** * Slapd.conf consumer: * *********************************** # Where the dynamically loaded modules are stored modulepath /usr/lib/ldap moduleload back_hdb moduleload back_monitor moduleload back_bdb
-------SUBORDINATE------ database hdb
suffix "ou=system,dc=....,dc=com" limits dn.exact="cn=replicator,dc=....,dc=com" size=unlimited time=unlimited
index entryUUID eq
access to * by dn="cn=replicator,dc=....,dc=com" read by peername.ip=127.0.0.1 read by * none
--------TOP-----
database hdb
# The base of your directory in database #1 suffix "dc=....,dc=com"
# rootdn directive for specifying a superuser on the database. This is needed # for syncrepl. rootdn "cn=Manager,dc=....,dc=com" rootpw verysecret
# Replication from master syncrepl rid=100 provider="ldap://ldap.****.****.com:389" type=refreshAndPersist searchbase="dc=.....,dc=com" filter="(objectClass=*)" scope=sub attrs="*" schemachecking=on bindmethod=simple binddn="cn=replicator,dc=.....,dc=com" credentials="secret" logbase="cn=accesslog" logfilter="(&(objectClass=auditWriteObject)(reqResult=0))" retry="60 +" syncdata=accesslog
# Refer updates to the master updateref "ldap://ldap.****.****.com:389"
index entryUUID eq
lastmod on
access to * by peername.ip=127.0.0.1 read by ssf=128 users read by * none
Petter Solgaard a écrit :
Hi
I'm trying to set up at new ldap-cluster (openldap 2.4.9 on Ubuntu 8.04). I have splitt the DIT into two dbs, where I have a ou=system under the base that is a subordinate db to the top db. Both dbs is on the same server. What I am wondering is where I should insert the replication information. ....
Could someone confirm that the replication information should be under the top db on the provider and under both dbs on the consumer?
I'm far from beeing a specialist but this is what is stated in the man page: By default, the glue overlay is automatically configured as the last overlay on the superior backend.
Its position on the backend can be explicitly configured by setting an overlay glue directive at the desired position. This explicit configuration is necessary e.g. when using the syncprov overlay, which needs to follow glue in order to work over all of the glued databases. E.g. database bdb suffix dc=example,dc=com ... overlay glue overlay syncprov
So I think you should enable the syncprov overlay on the top db, and add the explicit call to the glue overlay _before_ the syncprov one.
My 2 cents.
Thibault
openldap-software@openldap.org
-
Petter Solgaard -
Thibault Le Meur