Le jeudi 19 février 2009 11:38:48, Jonathan Clarke a écrit :
On 19.02.2009 10:36, Adrien Futschik wrote:
Hy !
it's me again :)
Hi again Adrien ;)
I am still testing n-way multi master replication with OpenLDAP 2.4.14. I don't know why I could modify my olcSyncrepl attribute from my data bdb.
I am binding with cn=config, and I can modify the olcSyncrepl attribute from olcDatabase={0}config, but not from olcDatabase={1}bdb !
I am getting this error : 08:57:25: Failed to update entry olcDatabase={1}bdb, cn=config Reason: [LDAP: error code 53 - shadow context; no update referral]
This appends on both masters. Is this supposed to be like that ? I have configured cn=config to replicate, this should work right ?
When you configure a database with syncrepl replication, it is marked as a shadow context. This makes sense for the general case when a database is a "slave" of a master server. Trying to update a shadowed database will return the "shadow context; no update referral" error, unless a "updateref" is set on that DB.
However, if you're using multi-master, and have set mirrormode on, this should no longer be the case, and all updates will be accepted.
So you should check:
- That mirrormode is on
- That your slapd listeners match your syncrepl providers, as I
suggested in another thread
If this is all the case, please give us your configuration, and tell us what operations you do that lead to this situation.
Regards, Jonathan
I have been doing some more tests : I have removed all olcSyncrepl attributes from olcDatabase={1}bdb and recreated them and here is what netstat showed me : [webadm@ntrsz00o scripts]$ netstat -a |grep 9011 | grep ntr.edfgdf; netstat -a |grep 9012 |grep ntr.edfgdf tcp 0 0 ntrsz00o:60409 ntrs000n.ntr.edfgdf.fr:9011 ESTABLISHED tcp 0 0 ntrsz00o:9012 ntrs000n.ntr.edfgdf.f:43952 ESTABLISHED tcp 0 0 ntrsz00o:9012 ntrs000n.ntr.edfgdf.f:37855 ESTABLISHED tcp 0 0 ntrsz00o:9012 ntrs000n.ntr.edfgdf.f:48601 ESTABLISHED
in normal situation it should look like this : tcp 0 0 ntrsz00o:55428 ntrs000n.ntr.edfgdf.fr:9011 ESTABLISHED tcp 0 0 ntrsz00o:55429 ntrs000n.ntr.edfgdf.fr:9011 ESTABLISHED tcp 0 0 ntrsz00o:9012 ntrs000n.ntr.edfgdf.f:38341 ESTABLISHED tcp 0 0 ntrsz00o:9012 ntrs000n.ntr.edfgdf.f:38340 ESTABLISHED
The replication doen't work anymore. When I try to update an entry, I am always getting this message : 11:31:04: Failed to update entry cn=M2client2@laposte.net, ou=clients, o=edf, c=fr Reason: [LDAP: error code 53 - shadow context; no update referral]
Whether I am trying to update on M1 or M2 doesn't matter. The only way I could get things back to normal, was to restart M1 & M2 (not sure restarting M2 was necessary)
Here is my configuration (sorry if it is hard to read): M1 : /appli/projects/m1/openldap_2.4.14/conf/slapd.d/cn=config.ldif dn: cn=config objectClass: olcGlobal cn: config structuralObjectClass: olcGlobal entryUUID: 7d0731dd-547a-4b58-955a-c597dbbfbea7 creatorsName: cn=config createTimestamp: 20090219091451Z olcServerID: 1 ldap://163.106.38.90:9011/ olcServerID: 2 ldap://163.106.38.92:9012/ entryCSN: 20090219091452.602209Z#000000#001#000000 modifiersName: cn=config modifyTimestamp: 20090219091452Z contextCSN: 20090219103440.107501Z#000000#001#000000 contextCSN: 20090219103305.835740Z#000000#002#000000
/appli/projects/m1/openldap_2.4.14/conf/slapd.d/cn=config/olcDatabase={0}config.ldif dn: olcDatabase={0}config objectClass: olcDatabaseConfig olcDatabase: {0}config olcRootPW:: e1NTSEF9MXR3c0g3UXlManFFUzQxYVZGUW9lcWdRY0JKaVhnblk= structuralObjectClass: olcDatabaseConfig entryUUID: 6b585f67-6b76-45df-a1f8-adc962b0a2fe creatorsName: cn=config createTimestamp: 20090219091451Z olcSyncrepl: {0}rid=001 provider=ldap://163.106.38.90:9011/ binddn="cn=config" bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndP ersist retry="5 5 300 2" timeout=3 olcSyncrepl: {1}rid=002 provider=ldap://163.106.38.92:9012/ binddn="cn=config" bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndP ersist retry="5 5 300 2" timeout=3 olcMirrorMode: TRUE entryCSN: 20090219094438.413960Z#000000#001#000000 modifiersName: cn=config modifyTimestamp: 20090219094438Z
/appli/projects/m1/openldap_2.4.14/conf/slapd.d/cn=config/olcDatabase={1}bdb.ldif dn: olcDatabase={1}bdb objectClass: olcDatabaseConfig objectClass: olcBdbConfig olcDatabase: {1}bdb olcDbDirectory: ./openldap-data olcSuffix: c=fr olcRootDN: cn=admin,c=fr olcRootPW:: e1NTSEF9MXR3c0g3UXlManFFUzQxYVZGUW9lcWdRY0JKaVhnblk= olcMirrorMode: TRUE olcDbIndex: default pres,eq olcDbIndex: cn,sn pres,eq,sub olcDbIndex: objectClass,entryCSN,entryUUID,seeAlso eq olcDbIndex: mail,givenName,uid pres,eq,sub structuralObjectClass: olcBdbConfig entryUUID: f4e1cd2c-8db0-4d47-86a7-5a7231e19914 creatorsName: cn=config createTimestamp: 20090219091458Z olcSyncrepl: {0}rid=004 provider=ldap://163.106.38.90:9011/ binddn="cn=admin,c =fr" bindmethod=simple credentials=secret searchbase="c=fr" type=refreshAndPe rsist retry="5 5 300 2" timeout=3 olcSyncrepl: {1}rid=005 provider=ldap://163.106.38.92:9012/ binddn="cn=admin,c =fr" bindmethod=simple credentials=secret searchbase="c=fr" type=refreshAndPe rsist retry="5 5 300 2" timeout=3 entryCSN: 20090219103440.107501Z#000000#001#000000 modifiersName: cn=config modifyTimestamp: 20090219103440Z
M2 : /appli/projects/m2/openldap_2.4.14/conf/slapd.d/cn=config.ldif dn: cn=config objectClass: olcGlobal cn: config structuralObjectClass: olcGlobal entryUUID: 7cf95e72-e15a-47b8-923f-bb1910b26bb1 creatorsName: cn=config createTimestamp: 20090219091456Z olcServerID: 1 ldap://163.106.38.90:9011/ olcServerID: 2 ldap://163.106.38.92:9012/ entryCSN: 20090219091457.428606Z#000000#002#000000 modifiersName: cn=config modifyTimestamp: 20090219091457Z contextCSN: 20090219103440.107501Z#000000#001#000000 contextCSN: 20090219103305.835740Z#000000#002#000000
/appli/projects/m2/openldap_2.4.14/conf/slapd.d/cn=config/olcDatabase={0}config.ldif dn: olcDatabase={0}config objectClass: olcDatabaseConfig olcDatabase: {0}config olcRootPW:: e1NTSEF9MXR3c0g3UXlManFFUzQxYVZGUW9lcWdRY0JKaVhnblk= entryUUID: 6b585f67-6b76-45df-a1f8-adc962b0a2fe createTimestamp: 20090219091451Z olcSyncrepl: {0}rid=001 provider=ldap://163.106.38.90:9011/ binddn="cn=config" bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndP ersist retry="5 5 300 2" timeout=3 olcSyncrepl: {1}rid=002 provider=ldap://163.106.38.92:9012/ binddn="cn=config" bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndP ersist retry="5 5 300 2" timeout=3 olcMirrorMode: TRUE structuralObjectClass: olcDatabaseConfig creatorsName: cn=config entryCSN: 20090219094438.413960Z#000000#001#000000 modifiersName: cn=config modifyTimestamp: 20090219094438Z
/appli/projects/m2/openldap_2.4.14/conf/slapd.d/cn=config/olcDatabase={1}bdb.ldif dn: olcDatabase={1}bdb objectClass: olcDatabaseConfig objectClass: olcBdbConfig olcDatabase: {1}bdb olcDbDirectory: ./openldap-data olcSuffix: c=fr olcRootDN: cn=admin,c=fr olcRootPW:: e1NTSEF9MXR3c0g3UXlManFFUzQxYVZGUW9lcWdRY0JKaVhnblk= olcMirrorMode: TRUE olcDbIndex: default pres,eq olcDbIndex: cn,sn pres,eq,sub olcDbIndex: objectClass,entryCSN,entryUUID,seeAlso eq olcDbIndex: mail,givenName,uid pres,eq,sub structuralObjectClass: olcBdbConfig entryUUID: f4e1cd2c-8db0-4d47-86a7-5a7231e19914 creatorsName: cn=config createTimestamp: 20090219091458Z olcSyncrepl: {0}rid=004 provider=ldap://163.106.38.90:9011/ binddn="cn=admin,c =fr" bindmethod=simple credentials=secret searchbase="c=fr" type=refreshAndPe rsist retry="5 5 300 2" timeout=3 olcSyncrepl: {1}rid=005 provider=ldap://163.106.38.92:9012/ binddn="cn=admin,c =fr" bindmethod=simple credentials=secret searchbase="c=fr" type=refreshAndPe rsist retry="5 5 300 2" timeout=3 entryCSN: 20090219103440.107501Z#000000#001#000000 modifiersName: cn=config modifyTimestamp: 20090219103440Z
Thanks in advance for your support,
Adrien