"A. Schulze" sca@andreasschulze.de schrieb am 08.03.2016 um 21:13 in
Nachricht 20160308211316.Horde.GypvzvjbSnE4DU4U3p33UA1@andreasschulze.de:
Hello,
I'm a longtime openldap and syncreplica user. Now I learned about delta replication and the option "strictrefresh". But it doesn't work as promised. Maybe my expectation is simply wrong...
Let's describe my use case: One ore two provider serve data to numerous consumer. Application running on the consumer host are configured to query the local consumer first and fall back to the provider. A typical LDAP-URI looks like "ldap://localhost ldaps://provider1 ldaps://provider2" Application only /read/ data.
Sometimes it happen the consumer go out of sync. Convenient solution:
What you describe is not a database out of sync, but a corrupted database. You never have to delete a database that is out of sync; you'll just have to refresh it, and that should be automatic if configured and working correctly
delete the consumer ldap database and restart slapd. Now it take some time to fetch the whole data from provider to consumer server.
It would be definitely helpful to have a diff of the databases (between up-to-date, and outdated).
Just in this time frame the application may query ldap://localhost and get an answer which is simply wrong because the data transfer is still in progress. That's what I want to avoid.
What you did not say is who is updating the data, and where.
Is that possible with openldap at all
"time was invented in universe so that not everything would happen at once" (vague memory of som UNIX fortune cookie) ;-)
Regards, Ulrich