Hi,
We are on a process of merging datas from a remote database to a local database. The two databases have the same base dn. To ease this process, I thought for a way to make a union of the remote database and the local database until remote datas are merged to local database. From my reading I found this thread http://thread.gmane.org/gmane.network.openldap.technical/11893 that is something that correspond I think to what I want.
The practical part is done on a debian jessie 8.2 with openldap 2.4.40+dfsg-1+deb8u1 version. The local database definition is like this.
# Entry 1: olcDatabase={2}mdb,cn=config dn: olcDatabase={2}mdb,cn=config objectclass: olcDatabaseConfig objectclass: olcMdbConfig olcaccess: ... olcdatabase: {2}mdb olcdbdirectory: /var/lib/ldap/base_dn olcdbindex: ... olcdbmaxsize: 104857600 olclimits: ... olcrootdn: cn=admin,dc=base,dc=dn olcrootpw: {SSHA}....... olcsuffix: dc=base,dc=dn olcsyncrepl: ... olcupdateref: ldap://master.ldap.server/
To this database definition I have added this part to make translucent work.
# ldapadd -Y EXTERNAL -H ldapi:/// << EOF dn: olcOverlay=translucent,olcDatabase={2}mdb,cn=config objectClass: olcConfig objectClass: olcOverlayConfig objectClass: olcTranslucentConfig objectClass: top olcOverlay: translucent EOF
# ldapadd -Y EXTERNAL -H ldapi:/// << EOF dn: olcDatabase=ldap,olcOverlay={3}translucent,olcDatabase={2}mdb,cn=config objectClass: olcConfig objectClass: olcLDAPConfig objectClass: olcTranslucentDatabase objectClass: olcDatabaseConfig olcDbURI: ldap://remote-ldap.server olcDbIDAssertBind: bindmethod="simple" binddn="cn=binddn,dc=base,dc=dn" credentials="onepassword" mode="self" EOF
With this configuration, I can see on the local server, the entries that are available on the remote server only, an ldapsearch does not return entries available on the local server. Is this the normal behavior ?
Another problem is that when I restart slapd, I have an error like this
slapd[3440]: @(#) $OpenLDAP: slapd (Sep 11 2015 15:11:55) $#012#011buildd@babin:/build/openldap-nFTO9j/openldap-2.4.40+dfsg/debian/build/servers/slapd slapd[3441]: syncprov_db_open: invalid config, lastmod must be enabled slapd[3441]: backend_startup_one (type=mdb, suffix="dc=linkeo,dc=com"): bi_db_open failed! (-1) slapd[3441]: DIGEST-MD5 common mech free slapd[3441]: slapd stopped.
I have to reload config without dn: olcOverlay=translucent,olcDatabase={2}mdb,cn=config and dn: olcDatabase=ldap,olcOverlay={3}translucent,olcDatabase={2}mdb,cn=config entries to make slapd start properly.
Can somebody tell me what I have done wrong ?
Thanks,