Hey Guys, how are you doing ?
Well, I have the follow environment:
**Server 1:
/etc/openldap/slapd.conf ( Port 389 ) modulepath /usr/local/openldap/lib64/ moduleload back_ldap moduleload translucent moduleload dynlist moduleload back_monitor backend mdb backend ldap
allow bind_v2 allow bind_anon_dn
database mdb directory /usr/local/openldap/var/openldap-translucent suffix "dc=br" rootdn "ZZZZZZ" rootpw ZZZZZZZ maxsize 4294967296 sizelimit 100000 overlay translucent uri "ldap://localhost:1389/" translucent_bind_local on translucent_pwmod_local on translucent_local XXXXX idassert-bind bindmethod=none
overlay dynlist dynlist-attrset groupOfURLs memberURL member:uniqueMember
In the port 1389: /etc/openldap/slapd-syncrepl.conf
# syncrepl directives syncrepl rid=0 provider=ldap://Production_Server:389 bindmethod=simple binddn="ZZZZZZZZZZZZZZZ" credentials=XXXXXXXXX searchbase="dc=br" logbase="cn=accesslog" logfilter="(&(objectClass=auditWriteObject)(reqResult=0))" type=refreshAndPersist retry="60 +" syncdata=accesslog
# Refer updates to the master updateref ldap://Production_Server:389
**Server 2:
Same Configuration
Now, I need to add a new server, but without a translucent configuration, only a consumer.
So, I tried this:
modulepath /usr/local/openldap/lib64/ moduleload back_ldap moduleload translucent moduleload dynlist moduleload back_monitor backend mdb backend ldap
allow bind_v2 allow bind_anon_dn
# Modulos para Delta-syncrepl modulepath /usr/local/openldap/lib64 moduleload accesslog moduleload syncprov moduleload dynlist
moduleload back_hdb database hdb suffix cn=accesslog directory /usr/local/openldap/var/openldap-accesslog rootdn cn=accesslog rootpw XXXXXXXXXXXXXXXXXXXXXXXXX checkpoint 256 30 index default eq index entryCSN,objectClass,reqEnd,reqResult,reqStart
# Replication overlay syncprov syncprov-nopresent TRUE syncprov-reloadhint TRUE
limits dn.exact="XXXXXXXX" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited
database mdb directory /usr/local/openldap/var/openldap-translucent suffix "dc=br"
rootdn "XXXXXXXXXXXXX" rootpw XXXXXXXXXXXXXXXXXXXXX maxsize 4294967296 sizelimit 100000 checkpoint 256 30 overlay translucent uri "ldap://localhost:1389/" translucent_bind_local on translucent_pwmod_local on translucent_local XXXXXXXXXXXXXXXXXXXXXXXXX idassert-bind bindmethod=none
overlay dynlist dynlist-attrset groupOfURLs memberURL member:uniqueMember
# syncrepl Provider for primary db overlay syncprov syncprov-checkpoint 1000 60
# accesslog overlay definitions for primary db overlay accesslog logdb cn=accesslog logops writes logsuccess TRUE
logpurge 07+00:00 01+00:00
But, I got this error:
55c25369 hdb_db_open: "cn=accesslog" 55c25369 hdb_db_open: database "cn=accesslog": unclean shutdown detected; attempting recovery. 55c25369 hdb_db_open: warning - no DB_CONFIG file found in directory /usr/local/openldap/var/openldap-accesslog: (2). Expect poor performance for suffix "cn=accesslog". 55c25369 hdb_db_open: database "cn=accesslog": recovery skipped in read-only mode. Run manual recovery if errors are encountered. 55c25369 mdb_db_open: "dc=br" 55c25369 syncprov_db_open: invalid config, lastmod must be enabled 55c25369 backend_startup_one (type=mdb, suffix="dc=br"): bi_db_open failed! (-1) slap_startup failed (test would succeed using the -u switch)
What is wrong ?