Oliver Henriot wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Dear list users,
I have a master openldap 2.3 server which is replicated via syncrepl on half a dozen other servers (2.3 too). Due to a legacy application from which I have to import passwords once a day, the master server is stopped, erased and re-built from scratch once every day...
I have noticed that all the replicas have recovered only a partial subset of the entries and the strange thing is that all the replicas have the same subset. They are all missing a few hundred entries.
When I stop the replicas, erase their data and start them anew, they replicate just fine and are consistent with the master server.
I was wondering : could this be due to the fact that the replicas have problems erasing the old entries and replacing them with the new set of entries?
No.
Would increasing syncprov-checkpoint<ops> and syncprov-sessionlog<size> values improve the situation?
No.
I also recall reading something about a specific configuration directive to improve delete replication but I have a feeling it was 2.4 specific...
What you're doing is unsupported. Syncrepl only works if all of the changes to the database are visible to the consumers, so that the before and after state can be determined. When you completely delete the provider DB and re-import it while the provider is shutdown there's no way for the consumers to track this, and after the delete there's no longer any record of the old contents on the provider.
If you're going to completely delete your database on the provider and expect the consumers to notice this, you must start the provider with an empty database so the consumers see the empty state and empty themselves accordingly. Then re-populate the provider and the consumers will likewise. All in all this is not a good way to operate your database...