Quanah Gibson-Mount wrote on 07/26/2018 01:54 PM:
a) Do you have a unique olcServerID set in cn=config for both masters?
Yes I thought I set that according to the guide. Actually just noticed in the guide that both ldifs use "olcServerID: 1" so perhaps that is a mistake? If I search for that variable on node1, I can see it in the config: slapd.d/cn=config.ldif:olcServerID: 1
I ran a transaction on node2 to set it to 2, and now it is showing up on node1: slapd.d/cn=config.ldif:olcServerID: 2
Actually when I look in the debug log for node1 I am see an entries like this:
Jul 26 16:31:32 node1 slapd[10218]: conn=4826 fd=25 ACCEPT from IP=<node2's IP>:41782 (IP=0.0.0.0:389) Jul 26 16:31:32 node1 slapd[10218]: conn=4826 op=0 BIND dn="cn=Manager,dc=genome,dc=arizona,dc=edu" method=128 Jul 26 16:31:32 node1 slapd[10218]: conn=4826 op=0 BIND dn="cn=Manager,dc=genome,dc=arizona,dc=edu" mech=SIMPLE ssf=0 Jul 26 16:31:32 node1 slapd[10218]: conn=4826 op=0 RESULT tag=97 err=0 text= Jul 26 16:31:32 node1 slapd[10218]: conn=4826 op=1 MOD dn="cn=config" Jul 26 16:31:32 node1 slapd[10218]: conn=4826 op=1 MOD attr=olcServerID Jul 26 16:31:32 node1 slapd[10218]: conn=4826 op=1 RESULT tag=103 err=0 text= Jul 26 16:31:32 node1 slapd[10218]: conn=4826 op=2 UNBIND Jul 26 16:31:32 node1 slapd[10218]: conn=4826 fd=25 closed Jul 26 16:31:50 node1 slapd[10218]: conn=4827 fd=25 ACCEPT from IP=<node2's IP>:41784 (IP=0.0.0.0:389) Jul 26 16:31:50 node1 slapd[10218]: conn=4827 op=0 BIND dn="cn=Manager,dc=genome,dc=arizona,dc=edu" method=128 Jul 26 16:31:50 node1 slapd[10218]: conn=4827 op=0 BIND dn="cn=Manager,dc=genome,dc=arizona,dc=edu" mech=SIMPLE ssf=0 Jul 26 16:31:50 node1 slapd[10218]: conn=4827 op=0 RESULT tag=97 err=0 text= Jul 26 16:31:50 node1 slapd[10218]: conn=4827 op=1 MOD dn="olcDatabase={1}bdb,cn=config" Jul 26 16:31:50 node1 slapd[10218]: conn=4827 op=1 MOD attr=olcSyncrepl olcMirrorMode Jul 26 16:31:50 node1 slapd[10218]: olcMirrorMode: value #0: <olcMirrorMode> database is not a shadow Jul 26 16:31:50 node1 slapd[10218]: olcMirrorMode: value #0: <olcMirrorMode> database is not a shadow Jul 26 16:31:50 node1 slapd[10218]: conn=4827 op=1 RESULT tag=103 err=80 text=<olcMirrorMode> database is not a shadow Jul 26 16:31:50 node1 slapd[10218]: conn=4827 op=2 UNBIND Jul 26 16:31:50 node1 slapd[10218]: conn=4827 fd=25 closed
on node2 there is no setting for olcServerID, am just using 'grep -R olcServerID *' in the /etc/openldap/slapd.d directory
so it seems there is some sort of replication that is already happening... however when I used ldapsearch to search for my uid for example, it is only found when using node1 for the host whereas node2 returns "No such object"
b) Have you made sure there is no olcUpdateRef attribute set?
It does not appear to be set on either node, am just using grep again in the /etc/openldap/slapd.d directory
c) What version of OpenLDAP are you running?
slapd 2.4.40 on both nodes.
d) I would note that back-bdb is deprecated. You may want to investigate migrating to back-mdb.
Actually I'm about the 4th system admin to take over these machines and sadly have little knowledge of LDAP... so please bear with me... our config is maybe very messy! the "database is not a shadow" error, does it mean back-bdb does not support replication? If so, how do migrate everything to back-mdb?
e) I would suggesting making this a single transaction:
Thanks I did try that but still got <olcMirrorMode> database is not a shadow