Hi,


On 19/08/2009 22:12, charles wrote:
{i'm sorry if this a duplicated}

i've "successfully" set up replication in a master-slave orientation,
with persistent replication; the consumer receives database changes as
they are made to the master.

i initialize the consumer database using a ldif created on the provider:
/"//slapcat -b dc=murphy,dc=bz-v -l transfer.ldif"
/

Initializing the consumer database is not mandatory. Syncrepl will replicate all entries on first startup.

Of course, if you have a large number of entries in your directory, you may want to "prime" the consumer like this to avoid large network transfers.


it has been functional for the past three weeks.for the most part it
works, entries are updated immediately. however, twice the data entires
within all organizational units have been deleted and about four times
either the syncuser or the admin cn's have been deleted from the consumer.

That doesn't sound completely functional to me...
 
By functional, I mean it replicates as changes are made on the provider.
 


i'm about to start over and entirely reconfigure the consumer. i'd
appreciate any feedback on anything that needs adjusting in my
configuration or any gotchas.
specifically
             - is my syncrepl directive accurate?
             - in initial configuration (dpkg) should i setup a
different database than the one i intend to replicate?


both consumer and provider are running openldap 2.4.15-1ubuntu3

There have been many bugs fixed since 2.4.15 was released, in particular concerning syncrepl and syncprov. If you're setting up this system now, I really recommend using the latest version (2.4.17).

Regarding your configuration, it looks OK at a quick glance.
A few comments:
- you don't need syncprov overlay on the consumer.
- the "interval" parameter is only useful for refreshOnly.
- your "retry" parameter will (eventually) stop retrying. Use the "+" modifier to cause retry forever.

will adjust the directives and remove the overlay.
i also looked at the release notes and changes before my submission, there didn't seem to be any changes pertinent to my situation. i'm also trying to roll as few software as possible.



I hope this helps,
Jonathan

thanks.

Thanks alot.



provider's configuration:
dn: olcDatabase={1}hdb
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=murphy,dc=bz
olcAccess: {0}to
attrs=userPassword,shadowLastChange,sambaLMPassword,sambaNTPassword by
dn="cn=admin,dc=murphy,dc=bz" write by dn="cn=syncuser,dc=murphy,dc=bz"
read by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=admin,dc=murphy,dc=bz" write by
dn="cn=syncuser,dc=murphy,dc=bz" read by * read
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcDbConfig: {0}set_cachesize 0 2097152 0
olcDbConfig: {1}set_lk_max_objects 1500
olcDbConfig: {2}set_lk_max_locks 1500
olcDbConfig: {3}set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcDbIndex: uidNumber eq
olcDbIndex: gidNumber eq
olcDbIndex: loginShell eq
olcDbIndex: uid eq,pres,sub
olcDbIndex: memberUid eq,pres,sub
olcDbIndex: uniqueMember eq,pres
olcDbIndex: sambaSID eq
olcDbIndex: sambaPrimaryGroupSID eq
olcDbIndex: sambaGroupType eq
olcDbIndex: sambaSIDList eq
olcDbIndex: sambaDomainName eq
olcDbIndex: default sub
olcDbIndex: entryCSN,entryUUID eq
structuralObjectClass: olcHdbConfig
entryUUID: e1dbc798-0ac2-102e-9977-37c480b68b78
creatorsName: cn=admin,cn=config
createTimestamp: 20090722042133Z
olcLimits: {0}dn.exact="cn=syncuser,dc=murphy,dc=bz" time.soft=unlimited
time.
 hard=unlimited size.soft=unlimited size.hard=unlimited
entryCSN: 20090806001008.586987Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20090806001008Z

dn: cn=module{0}
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib/ldap
olcModuleLoad: {0}back_hdb
olcModuleLoad: {1}syncprov
structuralObjectClass: olcModuleList
entryUUID: e1da8df6-0ac2-102e-996f-37c480b68b78
creatorsName: cn=config
createTimestamp: 20090722042133Z
entryCSN: 20090805014105.909778Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20090805014105Z

dn: olcOverlay={0}syncprov
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
structuralObjectClass: olcSyncProvConfig
entryUUID: c94c1ab2-15ac-102e-8886-213db5dc8256
creatorsName: cn=admin,cn=config
createTimestamp: 20090805014105Z
entryCSN: 20090805014105.945605Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20090805014105Z

consumer's configuration:
dn: olcDatabase={1}hdb
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=murphy,dc=bz
olcAccess: {0}to
attrs=userPassword,shadowLastChange,sambaLMPassword,sambaNTPassword by
dn="cn=admin,dc=murphy,dc=bz" write by dn="cn=syncuser,dc=murphy,dc=bz"
write by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=admin,dc=murphy,dc=bz" write by
dn="cn=syncuser,dc=murphy,dc=bz" write by * read
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcDbConfig: {0}set_cachesize 0 2097152 0
olcDbConfig: {1}set_lk_max_objects 1500
olcDbConfig: {2}set_lk_max_locks 1500
olcDbConfig: {3}set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcDbIndex: uidNumber eq
olcDbIndex: gidNumber eq
olcDbIndex: loginShell eq
olcDbIndex: uid eq,pres,sub
olcDbIndex: memberUid eq,pres,sub
olcDbIndex: uniqueMember eq,pres
olcDbIndex: sambaSID eq
olcDbIndex: sambaPrimaryGroupSID eq
olcDbIndex: sambaGroupType eq
olcDbIndex: sambaSIDList eq
olcDbIndex: sambaDomainName eq
olcDbIndex: default sub
olcDbIndex: entryCSN,entryUUID eq
structuralObjectClass: olcHdbConfig
entryUUID: ac0c4eee-1c74-102e-8275-a73f90e057e6
creatorsName: cn=admin,cn=config
createTimestamp: 20090813164703Z
olcRootDN: cn=admin,dc=murphy,dc=bz
olcSyncrepl: {0}rid=16 provider=ldaps://marcos.murphy.bz
<http://marcos.murphy.bz/> binddn="cn=syncuser,dc=murphy,dc=bz"

bindmethod=simple credentials=replication searchbase="dc=murphy,dc=bz"
scope=sub type=refreshAndPersist interval=00:00:20:00 retry="10 5 3 00 5"
entryCSN: 20090813183713.024346Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20090813183713Z


dn: cn=module{0}
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib/ldap
olcModuleLoad: {0}back_hdb
olcModuleLoad: {1}syncprov
structuralObjectClass: olcModuleList
entryUUID: ac04c368-1c74-102e-826d-a73f90e057e6
creatorsName: cn=config
createTimestamp: 20090813164703Z
entryCSN: 20090813183712.967024Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20090813183712Z

dn: olcOverlay={0}syncprov
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
structuralObjectClass: olcSyncProvConfig
entryUUID: 10653536-1c84-102e-9258-bf448f0d99c4
creatorsName: cn=admin,cn=config
createTimestamp: 20090813183714Z
entryCSN: 20090813183714.001905Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20090813183714Z



--
Charles

Belmopan, Belize

"... we just love cars and we love driving them!"

http://www.cardomain.com/ride/2400106





--
Charles

Belmopan, Belize

"... we just love cars and we love driving them!"

http://www.cardomain.com/ride/2400106