--On Tuesday, September 15, 2020 9:50 PM +0200 Stefan Kania stefan@kania-online.de wrote:
I did a lot of changes to my configuration via Ansible. Here is my provider configuration:
dn: olcOverlay={0}syncprov,olcDatabase={1}mdb,cn=config objectClass: olcOverlayConfig objectClass: olcSyncProvConfig olcOverlay: syncprov olcSpCheckpoint: 100 10 olcSpSessionlog: 300
You have no ACCESSLOG OVERLAY here on your primary DB, which is not a valid delta-sync configuration.
dn: olcOverlay={0}accesslog,olcDatabase={3}mdb,cn=config objectClass: olcOverlayConfig objectClass: olcAccessLogConfig olcOverlay: accesslog olcAccessLogDB: cn=accesslog olcAccessLogOps: writes olcAccessLogPurge: 01+00:00 00+04:00 olcAccessLogSuccess: TRUE
You have an ACCESSLOG OVERLAY here on your *accesslog* db, which is completely invalid.
dn: olcOverlay={1}syncprov,olcDatabase={3}mdb,cn=config objectClass: olcOverlayConfig objectClass: olcSyncProvConfig olcOverlay: {1}syncprov olcSpCheckpoint: 100 10 olcSpSessionlog: 300
You have an invalidly configured SYNCPROV OVERLAY on the accesslog DB. The only valid config items for the syncprov overlay on the accesslog db are:
olcSpNoPresent: TRUE olcSpReloadHint: TRUE
To summarize:
For delta-syncrepl, the PRIMARY db must have a SYNCPROV and ACCESSLOG overlay defined. The ACCESSLOG db must have a SYNCPROV overlay defined and it MUST set olcSpNoPresent to TRUE and olcSpReloadHint to TRUE.
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com