Hi Quanah,

Thanks for your answer. Here are the details asked:

OpenLDAP version 2.4.46.

Mirror configuration on node A:

overlay syncprov

syncprov-checkpoint 100 10

syncprov-sessionlog 100

# Global section

serverID 1

# database section

# syncrepl directive

syncrepl rid=001

provider=ldaps://02.host.com

bindmethod=simple

binddn="cn=root,dc=xxx"

credentials=xxx

searchbase="dc=xxx"

schemachecking=on

type=refreshAndPersist

retry="10 +"

tls_cacert=/usr/local/etc/openldap/cert/cert02.crt

mirrormode on

Mirror configuration on node B:

overlay syncprov

syncprov-checkpoint 100 10

syncprov-sessionlog 100

# Global section

serverID 2

# database section

# syncrepl directive

syncrepl rid=001

provider=ldaps://01.host.com

bindmethod=simple

binddn="cn=root,dc=xxx"

credentials=xxx

searchbase="dc=xxx"

schemachecking=on

type=refreshAndPersist

retry="10 +"

tls_cacert=/usr/local/etc/openldap/cert/cert01.crt

mirrormode on

Thank you very much.

On Tue, Apr 2, 2019 at 7:02 PM Quanah Gibson-Mount <quanah@symas.com> wrote:

--On Tuesday, April 02, 2019 4:59 PM -0300 Alex Hebra <hebraalex@gmail.com>
wrote:

>
>
> Hi there,
>
>
> I have a very critical OpenLDAP environment running on mirror mode
> configuration. Is has about 800.000 users.

Hello,

You failed to provide any information on the release of OpenLDAP you are
using and did not provide any information on the replication mechanism in
use. By the sound of it, you are using standard syncrepl, where this sort
of problem is not uncommon, particularly with older versions of OpenLDAP.
I would suggest you start by noting the version of OpenLDAP in use and
providing information on the setup and configuration of the multimaster
nodes.

Regards,
Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>