That works. I must have just been typing something wrong in that 4th line. Now to get the other servers setup.
Thank you, Eric Speake Web Systems Administrator O'Reilly Auto Parts
From: Christian Kratzer ck-lists@cksoft.de To: espeake@oreillyauto.com Cc: openldap-technical@openldap.org Date: 08/08/2013 10:35 AM Subject: Re: Schema Replication and data replication Sent by: openldap-technical-bounces@OpenLDAP.org
Hi,
On Thu, 8 Aug 2013, espeake@oreillyauto.com wrote:
Christian,
Here is the ldif I created:
dn: olcDatabase={0}config changetype: modify replace: olcServerID olcServerID: 1 ldap://tntest-ldap-master-1.oreillyauto.com olcServerID: 2 ldap://tntest-ldap-1.oreillyauto.com olcServerID: 3 ldap://tntest-ldap-2.oreillyauto.com
sorry. followig should do it:
dn: cn=config changetype: modify replace: olcServerID olcServerID: 1 ldap://tntest-ldap-master-1.oreillyauto.com olcServerID: 2 ldap://tntest-ldap-1.oreillyauto.com olcServerID: 3 ldap://tntest-ldap-2.oreillyauto.com
Here is the error I get.
ldapmodify: wrong attributeType at line 4, entry "olcDatabase={0}config"
Should I be identifying the server elsewhere as well. or maybe using.
dn: olcDatabase={0}config changetype: modify add: olcServerID: 1
your hostname should match one of the urls provided in olcServerId or you should provide the specific servers url directly via the -h option to slapd.
On linux this is often set by the init scripts that parse /etc/sysconfig/ldap
Greetings Christian
and then run the other modify script.
Thank you, Eric Speake Web Systems Administrator O'Reilly Auto Parts
From: Christian Kratzer ck-lists@cksoft.de To: espeake@oreillyauto.com Cc: openldap-technical@openldap.org Date: 08/08/2013 07:42 AM Subject: Re: Schema Replication and data replication
Hi,
On Thu, 8 Aug 2013, espeake@oreillyauto.com wrote:
Christian,
The olcServerID goes in the cn=config file correct? I will do a
ldapmodify to change this.
yes. use the following:
dn: olcDatabase={0}config changetype: modify replace: olcServerID olcServerID: 1 ldap://tntest-ldap-master-1.oreillyauto.com olcServerID: 2 ldap://tntest-ldap-master-2.oreillyauto.com
The consumer config is what was on there and that's why I asked the
question about wiping it out and then using slapcat to put it back in.
slapcat NEVER shows the checksums and protecting comments that you only
see
when you go looking at the files under slapd.d
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. # CRC32 3411e7fc
Once you have the correct configuration on one server dump it with
slapcat
-n0 and import it to the second server using slapadd -n0.
Be sure to wipe ALL of the contents in the slapd.d directory before importing with slapadd.
ps: please keep the mailinglist on the Cc: so what we learn from this is for the greater good.
Greetings Christian
Thanks, Eric
-----openldap-technical-bounces@OpenLDAP.org wrote: -----To:
espeake@oreillyauto.com
From: Christian Kratzer Sent by: openldap-technical-bounces@OpenLDAP.org Date: 08/08/2013 06:58AM Cc: openldap-technical@openldap.org Subject: Re: Schema Replication and data replication
Hi,
On Wed, 7 Aug 2013, espeake@oreillyauto.com wrote:
So we are cooking with warm oil and I wan to the cooking with hot
oil!!!!
I have been able to get upgraded 2.4.28 on open ldap. Having issue
with
getting a good build of 2.4.35. But that isn't the problem. Below is
the
log on my log from one of my consumers after starting the slapd
service.
<snipp> > > Here is where is stops. > > Here in the ldif file from my master: > > # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. > # CRC32 3411e7fc
use slapcat -n0 instead of copying manually the files from the slapd.d
directory.
dn: olcDatabase={0}config objectClass: olcDatabaseConfig olcDatabase: {0}config olcUpdateRef: ldap://tntest-ldap-master-1.oreillyauto.com olcsyncrepl: rid=002
provider=ldap://tntest-ldap-master-1.oreillyauto.com
type=refreshAndPersist retry="10 +" searchbase="cn=config" bindmethod=simple binddn="uid=admin,dc=oreillyauto,dc=com" credentials=<password> olcAccess: to * by dn="uid=admin,dc=oreillyauto,dc=com" write by dn="uid=ldapadmin,ou=system,dc=oreillyauto,dc=com" write by * none olcRootDN: cn=admin,cn=config olcRootPW:: c2VjcmV0 structuralObjectClass: olcDatabaseConfig entryUUID: 35b75e72-93c2-1032-9ca4-711c013d2dcb creatorsName: cn=config createTimestamp: 20130807153144Z entryCSN: 20130807153144.468097Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20130807153144Z
Here is the ldif from my consumer:
dn: olcDatabase={0}config objectClass: olcDatabaseConfig olcDatabase: {0}config olcRootDN: cn=admin,cn=config olcRootPW: secret structuralObjectClass: olcDatabaseConfig olcsyncrepl: {0}rid=002 provider=ldap://tntest-ldap-master-1.oreillyauto.com type=refreshOnly retry="5 +" searchbase="cn=config" bindmethod=simple binddn="cn=admin,cn=config" credentials=<password> schemachecking=on olcAccess: to * by dn="uid=admin,dc=oreillyauto,dc=com" write by dn="uid=ldapadmin,ou=system,dc=oreillyauto,dc=com" write by * none entryUUID: f074ba7c-09ed-1030-952b-0bb60fbd91a8 creatorsName: cn=config createTimestamp: 20110503162710Z entryCSN: 20110503162710.319234Z#000000#000#000000 modifiersName: cn=config ModifyTimestamp: 20110503162710Z
both your entryCSN have #000# for the serverID. Even though it seems you have somehow modified the configuration.
Your replication cannot work when you have not configured a serverID.
You need at least the following in your configs.
olcServerID: 1 ldap://tntest-ldap-master-1.oreillyauto.com olcServerID: 2 ldap://tntest-ldap-master-2.oreillyauto.com
Also why does the ModifyTimestamp: attribute from your second server
start with a capital 'M'.
Are you still somehow manually poking at the files in slapd.d ?
Please use slapcat / slapadd with the -n0 option to export and import
your configuration.
Greetings Christian
-- Christian Kratzer CK Software GmbH Email: ck@cksoft.de Wildberger Weg 24/2 Phone: +49 7032 893 997 - 0 D-71126 Gaeufelden Fax: +49 7032 893 997 - 9 HRB 245288, Amtsgericht Stuttgart Web: http://www.cksoft.de/%C2%A0%C2%A0 Geschaeftsfuehrer: Christian
Kratzer
-- This message has been scanned for viruses and dangerous content, and is believed to be clean. Message id: 7014E600847.AEC40
This communication and any attachments are confidential, protected by
Communications Privacy Act 18 USCS § 2510, solely for the use of the intended
recipient, and may contain legally privileged material. If you are not
the intended recipient, please return or destroy it immediately. Thank
you.
-- Christian Kratzer CK Software GmbH Email: ck@cksoft.de Wildberger Weg 24/2 Phone: +49 7032 893 997 - 0 D-71126 Gaeufelden Fax: +49 7032 893 997 - 9 HRB 245288, Amtsgericht Stuttgart Web: http://www.cksoft.de/ Geschaeftsfuehrer: Christian
Kratzer
-- This message has been scanned for viruses and dangerous content, and is believed to be clean. Message id: 0E4806006FB.A1E33
This communication and any attachments are confidential, protected by
Communications Privacy Act 18 USCS § 2510, solely for the use of the intended recipient, and may contain legally privileged material. If you are not the intended recipient, please return or destroy it immediately. Thank you.
-- Christian Kratzer CK Software GmbH Email: ck@cksoft.de Wildberger Weg 24/2 Phone: +49 7032 893 997 - 0 D-71126 Gaeufelden Fax: +49 7032 893 997 - 9 HRB 245288, Amtsgericht Stuttgart Web: http://www.cksoft.de/ Geschaeftsfuehrer: Christian Kratzer -- This message has been scanned for viruses and dangerous content, and is believed to be clean. Message id: 7C648600978.A269D
This communication and any attachments are confidential, protected by Communications Privacy Act 18 USCS § 2510, solely for the use of the intended recipient, and may contain legally privileged material. If you are not the intended recipient, please return or destroy it immediately. Thank you.