A. Schulze wrote:
Hello,
I'm a longtime openldap and syncreplica user. Now I learned about delta replication and the option "strictrefresh". But it doesn't work as promised. Maybe my expectation is simply wrong...
Let's describe my use case: One ore two provider serve data to numerous consumer. Application running on the consumer host are configured to query the local consumer first and fall back to the provider. A typical LDAP-URI looks like "ldap://localhost ldaps://provider1 ldaps://provider2" Application only /read/ data.
Sometimes it happen the consumer go out of sync. Convenient solution: delete the consumer ldap database and restart slapd. Now it take some time to fetch the whole data from provider to consumer server.
Just in this time frame the application may query ldap://localhost and get an answer which is simply wrong because the data transfer is still in progress. That's what I want to avoid.
Is that possible with openldap at all
strict refresh was an experiment, which is also why it remains undocumented. What you describe is the desired effect but as you've found, it doesn't work as intended. It looks to me that one of the refresh scenarios isn't being caught but I haven't looked closely at this feature in quite a while.
Patches welcome.