On Fri, Jan 29, 2010 at 2:16 PM, Quanah Gibson-Mount <quanah(a)zimbra.com>wrote:
> --On Friday, January 29, 2010 1:56 PM -0700 Hung Luu <hung.n.luu(a)gmail.com>
> wrote:
>
> Hello all,
>>
>> In a syncrepl setup, I understand that the syncrepl specification is
>> defined on the consumer server. I understand this to mean that I should
>> apply my LDIF (that adds the olcSyncrepl attribute to my config and hdb
>> backends) on the consumer server. However, ldapadd was only successful in
>> configuring my config backend for syncrepl, which is defined first in the
>> LDIF, and failed with LDAP error 53 when attempting to add the
>> olcSyncrepl attribute to my hdb backend; additional error info: "shadow
>> context; no update referral."
>>
>> Is this because the olcSyncrepl attribute added to my config backend
>> already established my consumer server as a replica and hence subsequent
>> writes to the consumer server will not be accepted?
>>
>> Ideally, I wanted to add the syncrepl configuration in my slapd.conf and
>> then convert it to cn=config; however, this doesn't appear to work with
>> 2.4.21 because the slaptest added a uri="" to the olcSyncrepl attribute
>> that running slapd complained of an invalid URL for olcSyncrepl. This is
>> not an issue in 2.4.20.
>>
>> Anyway, what's the right way for me to configure syncrepl on my 2.4.21
>> consumer server for both the config and hdb backends?
>>
>
> It works for me with 2.4.21:
>
> dn: olcDatabase={2}hdb,cn=config
> changetype: modify
> add: olcSyncrepl
> olcSyncrepl: rid=100 provider=${ldap_master_url} bindmethod=si
> mple timeout=0 network-timeout=0 binddn=uid=zmreplica,cn=admins,cn=zimbra c
> redentials=${ldap_replication_password} starttls=critical
> filter="(objectclass=*)" searchbase=""
> logfilter="(&(objectClass=auditWriteObject)(reqResult=0))"
> logbase=cn=access
> log scope=sub schemachecking=off type=refreshAndPersist retry="60 +"
> syncdat
> a=accesslog tls_cacertdir=/opt/zimbra/conf/ca
>
> is the LDIF I use to ldapmodify my entry.
>
> --Quanah
>
> --
>
> Quanah Gibson-Mount
> Principal Software Engineer
> Zimbra, Inc
> --------------------
> Zimbra :: the leader in open source messaging and collaboration
>
Are you able to get it to work with ldapadd as well? I'm getting a
segmentation fault using ldapmodify (installed as part of
openldap-clients.x86_64 rpm 2.3.43-3.el5).
Here's my LDIF file:
dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcSyncrepl
olcSyncrepl: rid=000 provider="ldap://provider:389" type=refreshAndPersist
retry="5 5 300 +" searchbase="cn=config" attrs="*,+" bindmethod=simple
binddn="cn=ldap,ou=services,dc=example,dc=com" credentials=secret
dn: olcDatabase={1}hdb,cn=config
changetype: modify
add: olcSyncrepl
olcSyncrepl: rid=001 provider="ldap://provider:389" type=refreshAndPersist
retry="5 5 300 +" searchbase="dc=example,dc=com" attrs="*,+"
bindmethod=simple binddn="cn=ldap,ou=services,dc=example,dc=com"
credentials=secret
Something else that I tried that seems to get syncrepl working on 2.4.21 is
to use a slapd.d converted from a 2.4.20 slapd.conf, but I'm a little uneasy
about it.
Thanks,
Hung.