Hello,

 

I configured MirrorMode replication between 2 openldap 2.4 node installed on Debian (from apt).

 

Everything is working fine when the two nodes are online but if I stop the second node, and add new datas to the first node, then restart the second node, the new data are not synced.

However, if I then add new datas on node 1, they are replicated to node2 without problem.

 

Here is a scenario of this problem :

1/ node1 and node 2 are online : I add user1 to node 1 => user1 appears on node2 => ok

2/ node1 is online and node2 is off : I add user2 on node1 => nothing happens on node2 as it is off => ok

3/ I restart node2 => user2 is not replicated to node2 => not ok

4/ node1 and node 2 are online : I add user3 to node 1 => user3 appears on node2 => ok

 

At the end of this scenario, node1 contains user1, user2 and user3 and node2 contains only user1 and user3 (but not user2).

 

How can I slove this problem ?

 

Thank you for your help,

 

Best regards,

 

Fred

 

Here is my config :

version: 1

 

dn: cn=config

objectClass: olcGlobal

cn: config

olcAllows: bind_v2

olcArgsFile: /var/run/slapd/slapd.args

olcLogLevel: any

olcPidFile: /var/run/slapd/slapd.pid

olcServerID: 1 ldap://192.168.1.103

olcServerID: 2 ldap://192.168.1.104

olcSizeLimit: 1000000

olcToolThreads: 1

 

dn: cn=module{0},cn=config

objectClass: olcModuleList

cn: module{0}

olcModuleLoad: {0}back_hdb

olcModuleLoad: {1}syncprov

olcModulePath: /usr/lib/ldap

 

dn: olcBackend={0}hdb,cn=config

objectClass: olcBackendConfig

olcBackend: {0}hdb

 

dn: olcDatabase={-1}frontend,cn=config

objectClass: olcDatabaseConfig

objectClass: olcFrontendConfig

olcDatabase: {-1}frontend

olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=extern

al,cn=auth manage by * break

olcAccess: {1}to dn.exact="" by * read

olcAccess: {2}to dn.base="cn=Subschema" by * read

olcSizeLimit: 500

 

dn: olcDatabase={0}config,cn=config

objectClass: olcDatabaseConfig

olcDatabase: {0}config

olcAccess: {0}to * by dn.exact="uid=syncrepl,dc=tracteur91,dc=local" read by

  * break

olcAccess: {1}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=extern

al,cn=auth manage by * break

olcLimits: {0}dn.exact="uid=syncrepl,dc=tracteur91,dc=local" size=unlimited

olcMirrorMode: TRUE

olcRootDN: cn=admin,cn=config

olcRootPW: {MD5}BkY718PMIcgBNjpfXmGpOA==

olcSyncrepl: {0}rid=001 provider="ldap://192.168.1.103" searchbase="cn=confi

g" type=refreshAndPersist bindmethod=simple binddn="uid=syncrepl,dc=tracteu

r91,dc=local" credentials="Tr@cteur91" retry="30 +" network-timeout=5 timeo

ut=30

olcSyncrepl: {1}rid=002 provider="ldap://192.168.1.104" searchbase="cn=confi

g" type=refreshAndPersist bindmethod=simple binddn="uid=syncrepl,dc=tracteu

r91,dc=local" credentials="Tr@cteur91" retry="30 +" network-timeout=5 timeo

ut=30

 

dn: olcOverlay={0}syncprov,olcDatabase={0}config,cn=config

objectClass: olcOverlayConfig

objectClass: olcSyncProvConfig

olcOverlay: {0}syncprov

olcSpCheckpoint: 100 5

 

dn: olcDatabase={1}hdb,cn=config

objectClass: olcDatabaseConfig

objectClass: olcHdbConfig

olcDatabase: {1}hdb

olcDbDirectory: /var/lib/ldap

olcAccess: {0}to * by dn.exact="uid=syncrepl,dc=tracteur91,dc=local" read by

  * break

olcAccess: {1}to attrs=userPassword,shadowLastChange by self write by anonym

ous auth by dn="cn=admin,dc=tracteur91,dc=local" write by * none

olcAccess: {2}to dn.base="" by * read

olcAccess: {3}to * by self write by dn="cn=admin,dc=tracteur91,dc=local" wri

te by * read

olcDbCheckpoint: 512 30

olcDbConfig: {0}set_cachesize 0 2097152 0

olcDbConfig: {1}set_lk_max_objects 1500

olcDbConfig: {2}set_lk_max_locks 1500

olcDbConfig: {3}set_lk_max_lockers 1500

olcDbIndex: objectClass eq

olcDbIndex: uid eq

olcDbIndex: cn eq

olcDbIndex: ou eq

olcDbIndex: dc eq

olcDbIndex: entryCSN eq

olcDbIndex: entryUUID eq

olcLastMod: TRUE

olcLimits: {0}dn.exact="uid=syncrepl,dc=tracteur91,dc=local" size=unlimited

olcMirrorMode: TRUE

olcRootDN: cn=admin,dc=tracteur91,dc=local

olcRootPW: {SSHA}ZtvvlHUQYloI17cv2/cjPFmx51+Ut/+5

olcSuffix: dc=tracteur91,dc=local

olcSyncrepl: {0}rid=003 provider="ldap://192.168.1.103" searchbase="dc=tract

eur91,dc=local" type=refreshAndPersist bindmethod=simple binddn="uid=syncre

pl,dc=tracteur91,dc=local" credentials="Tr@cteur91" retry="30 +" network-ti

meout=5 timeout=30

olcSyncrepl: {1}rid=004 provider="ldap://192.168.1.104" searchbase="dc=tract

eur91,dc=local" type=refreshAndPersist bindmethod=simple binddn="uid=syncre

pl,dc=tracteur91,dc=local" credentials="Tr@cteur91" retry="30 +" network-ti

meout=5 timeout=30

 

dn: olcOverlay={0}syncprov,olcDatabase={1}hdb,cn=config

objectClass: olcOverlayConfig

objectClass: olcSyncProvConfig

olcOverlay: {0}syncprov

olcSpCheckpoint: 100 5