--On Thursday, March 3, 2022 10:58 AM +0100 Francesco Malvezzi francesco.malvezzi@unimore.it wrote:
I stopped slapd, deleted the mdb files, restarted slapd and in an acceptable time the users have been all re-synced with all zombies dropped. It is not elegant at all, so I need to investigate the deployment.
It would be much faster to export the DB on the provider (slapcat) and the import it on the consumer (slapadd -q) and guarantee correctness, especially with the known issues in the OpenLDAP 2.4 replication code.
But I wonder why you added sizelimit= to the syncrepl directive. Do you really have less than 100000 entries?
yes, the example.edu userbase is really this small (67k users more or less). Anyhow I removed the sizelimit, even if I think it would hurt me in the other way (banning users from showing up, not from being removed),
The replication process should not be subject to size limits.
Regards, Quanah