Hi Quanah,

Thanks for your answer. Here are the details asked:

OpenLDAP version 2.4.46.

Mirror configuration on node A:

overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

# Global section
serverID 1
# database section

# syncrepl directive
syncrepl  rid=001
               provider=ldaps://02.host.com
               bindmethod=simple
               binddn="cn=root,dc=xxx"
               credentials=xxx
               searchbase="dc=xxx"
               schemachecking=on
               type=refreshAndPersist
               retry="10 +"
               tls_cacert=/usr/local/etc/openldap/cert/cert02.crt

mirrormode on

Mirror configuration on node B:
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

# Global section
serverID 2
# database section

# syncrepl directive
syncrepl  rid=001
               provider=ldaps://01.host.com
               bindmethod=simple
               binddn="cn=root,dc=xxx"
               credentials=xxx
               searchbase="dc=xxx"
               schemachecking=on
               type=refreshAndPersist
               retry="10 +"
               tls_cacert=/usr/local/etc/openldap/cert/cert01.crt

mirrormode on

Thank you very much.


On Tue, Apr 2, 2019 at 7:02 PM Quanah Gibson-Mount <quanah@symas.com> wrote:
--On Tuesday, April 02, 2019 4:59 PM -0300 Alex Hebra <hebraalex@gmail.com>
wrote:

>
>
> Hi there,
>
>
> I have a very critical OpenLDAP environment running on mirror mode
> configuration. Is has about 800.000 users.

Hello,

You failed to provide any information on the release of OpenLDAP you are
using and did not provide any information on the replication mechanism in
use.  By the sound of it, you are using standard syncrepl, where this sort
of problem is not uncommon, particularly with older versions of OpenLDAP.
I would suggest you start by noting the version of OpenLDAP in use and
providing information on the setup and configuration of the multimaster
nodes.

Regards,
Quanah



--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>