{i'm sorry if this a duplicated}

i've "successfully" set up replication in a master-slave orientation, with persistent replication; the consumer receives database changes as they are made to the master.

i initialize the consumer database using a ldif created on the provider: "slapcat -b dc=murphy,dc=bz-v -l transfer.ldif"

it has been functional for the past three weeks.for the most part it works, entries are updated immediately. however, twice the data entires within all organizational units have been deleted and about four times either the syncuser or the admin cn's have been deleted from the consumer.

i'm about to start over and entirely reconfigure the consumer. i'd appreciate any feedback on anything that needs adjusting in my configuration or any gotchas.
specifically
             - is my syncrepl directive accurate?
             - in initial configuration (dpkg) should i setup a different database than the one i intend to replicate?


both consumer and provider are running openldap 2.4.15-1ubuntu3

thanks.

 

provider's configuration:
dn: olcDatabase={1}hdb
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=murphy,dc=bz
olcAccess: {0}to attrs=userPassword,shadowLastChange,sambaLMPassword,sambaNTPassword by dn="cn=admin,dc=murphy,dc=bz" write by dn="cn=syncuser,dc=murphy,dc=bz" read by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=admin,dc=murphy,dc=bz" write by dn="cn=syncuser,dc=murphy,dc=bz" read by * read
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcDbConfig: {0}set_cachesize 0 2097152 0
olcDbConfig: {1}set_lk_max_objects 1500
olcDbConfig: {2}set_lk_max_locks 1500
olcDbConfig: {3}set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcDbIndex: uidNumber eq
olcDbIndex: gidNumber eq
olcDbIndex: loginShell eq
olcDbIndex: uid eq,pres,sub
olcDbIndex: memberUid eq,pres,sub
olcDbIndex: uniqueMember eq,pres
olcDbIndex: sambaSID eq
olcDbIndex: sambaPrimaryGroupSID eq
olcDbIndex: sambaGroupType eq
olcDbIndex: sambaSIDList eq
olcDbIndex: sambaDomainName eq
olcDbIndex: default sub
olcDbIndex: entryCSN,entryUUID eq
structuralObjectClass: olcHdbConfig
entryUUID: e1dbc798-0ac2-102e-9977-37c480b68b78
creatorsName: cn=admin,cn=config
createTimestamp: 20090722042133Z
olcLimits: {0}dn.exact="cn=syncuser,dc=murphy,dc=bz" time.soft=unlimited time.
 hard=unlimited size.soft=unlimited size.hard=unlimited
entryCSN: 20090806001008.586987Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20090806001008Z

dn: cn=module{0}
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib/ldap
olcModuleLoad: {0}back_hdb
olcModuleLoad: {1}syncprov
structuralObjectClass: olcModuleList
entryUUID: e1da8df6-0ac2-102e-996f-37c480b68b78
creatorsName: cn=config
createTimestamp: 20090722042133Z
entryCSN: 20090805014105.909778Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20090805014105Z

dn: olcOverlay={0}syncprov
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
structuralObjectClass: olcSyncProvConfig
entryUUID: c94c1ab2-15ac-102e-8886-213db5dc8256
creatorsName: cn=admin,cn=config
createTimestamp: 20090805014105Z
entryCSN: 20090805014105.945605Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20090805014105Z

consumer's configuration:
dn: olcDatabase={1}hdb
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=murphy,dc=bz
olcAccess: {0}to attrs=userPassword,shadowLastChange,sambaLMPassword,sambaNTPassword by dn="cn=admin,dc=murphy,dc=bz" write by dn="cn=syncuser,dc=murphy,dc=bz" write by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=admin,dc=murphy,dc=bz" write by dn="cn=syncuser,dc=murphy,dc=bz" write by * read
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcDbConfig: {0}set_cachesize 0 2097152 0
olcDbConfig: {1}set_lk_max_objects 1500
olcDbConfig: {2}set_lk_max_locks 1500
olcDbConfig: {3}set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcDbIndex: uidNumber eq
olcDbIndex: gidNumber eq
olcDbIndex: loginShell eq
olcDbIndex: uid eq,pres,sub
olcDbIndex: memberUid eq,pres,sub
olcDbIndex: uniqueMember eq,pres
olcDbIndex: sambaSID eq
olcDbIndex: sambaPrimaryGroupSID eq
olcDbIndex: sambaGroupType eq
olcDbIndex: sambaSIDList eq
olcDbIndex: sambaDomainName eq
olcDbIndex: default sub
olcDbIndex: entryCSN,entryUUID eq
structuralObjectClass: olcHdbConfig
entryUUID: ac0c4eee-1c74-102e-8275-a73f90e057e6
creatorsName: cn=admin,cn=config
createTimestamp: 20090813164703Z
olcRootDN: cn=admin,dc=murphy,dc=bz
olcSyncrepl: {0}rid=16 provider=ldaps://marcos.murphy.bz binddn="cn=syncuser,dc=murphy,dc=bz" bindmethod=simple credentials=replication searchbase="dc=murphy,dc=bz" scope=sub type=refreshAndPersist interval=00:00:20:00 retry="10 5 3 00 5"
entryCSN: 20090813183713.024346Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20090813183713Z


dn: cn=module{0}
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib/ldap
olcModuleLoad: {0}back_hdb
olcModuleLoad: {1}syncprov
structuralObjectClass: olcModuleList
entryUUID: ac04c368-1c74-102e-826d-a73f90e057e6
creatorsName: cn=config
createTimestamp: 20090813164703Z
entryCSN: 20090813183712.967024Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20090813183712Z

dn: olcOverlay={0}syncprov
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
structuralObjectClass: olcSyncProvConfig
entryUUID: 10653536-1c84-102e-9258-bf448f0d99c4
creatorsName: cn=admin,cn=config
createTimestamp: 20090813183714Z
entryCSN: 20090813183714.001905Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20090813183714Z



--
Charles

Belmopan, Belize

"... we just love cars and we love driving them!"

http://www.cardomain.com/ride/2400106