Hi!
I have checked the replication verification a little bit more.
First of all. I'm using 2.4.21 and you need to allow reading to both cn=monitor and cn=config. So using a monitoring user is important here. My slapd.conf configuration:
# syncrepl Provider for primary db overlay syncprov syncprov-checkpoint 5 1
# syncrepl directive syncrepl rid=001 provider=ldap://host2 bindmethod=simple binddn="cn=Manager,dc=domain,dc=com" credentials=secret searchbase="dc=domain,dc=com" schemachecking=on type=refreshAndPersist retry="60 +"
mirrormode on
# enable monitoring database monitor # allow onlu rootdn to read the monitor access to * by dn.exact="cn=CNMonitor User,dc=domain,dc=com" read by * none # enable monitoring database config # allow onlu rootdn to read the monitor access to * by dn.exact="cn=CNMonitor User,dc=domain,dc=com" read by * none
And the replication must update the contextCSN attribute. You can verify this by: ldapsearch -x -h <host> -D "<monitoring user>" -W -s base -b "dc=domain,dc=com" contextCSN
In my example the result is: dn: dc=domain,dc=com contextCSN: 20100823161844.565867Z#000000#000#000000 contextCSN: 20100825160932.333710Z#000000#001#000000
Hope this helps.
So as long as you can retrieve this information using the same monitoring user as configured in CN=Monitor you should retrieve replication verification info.
Regards - Andreas
On Jan 26, 2011, at 10:30 PM, Peter Boosten wrote:
On 26 jan 2011, at 19:59, Peter Boosten wrote:
On 26 jan 2011, at 19:32, Andreas Andersson wrote:
How about replication verification? Can you confirm that its working?
Ok, looking at the screenshot you sent in your first email, replication settings don't seem to be recognized in my setup (you have an error below the selected server, showing the server whom is replicated to, but in my setup there's no such arrow, nor another server).
Any ideas?
After some testing there's actually more not working, for instance: the collectsummary.php script doesn;t return any values (all 0), ut if I try the ldapquery manually, it actually gives non-zero results:
ra% ldapsearch -x -D "cn=root,dc=boosten,dc=org" -W -b "cn=operations,cn=monitor" -LLL '(cn=modify)' monitorOpCompleted Enter LDAP Password: dn: cn=Modify,cn=Operations,cn=Monitor monitorOpCompleted: 19
and from the cli log:
0 ) modify - Summary Value: 0 0 ) modify - Value NOT Stored to db as it is empty
I'm on OpenLDAP 2.4.23, on FreeBSD.
-- Peter Boosten http://www.boosten.org