Hi, I am currently working on setting up a new OpenLDAP environment, based on the current stable version of 2.4.34.
I have two servers, ldap1 and ldap2, which are performing mirror-mode multi-master replication.
When ldap1 and ldap2 are both up, adds/deletes/modifications are replicated correctly.
When ldap1 is up and ldap2 is down, adds/modifications can be performed successfully against ldap1, and when ldap2 comes back up, changes are replicated successfully.
Problem is, if ldap2 is down, and a deletion occurs against ldap1, when ldap2 comes back up, the deletion is not replicated.
Here are my slapd.confs for each server:
ldap1:
-----------------------------
include /opt/openldap/etc/openldap/schema/core.schema
pidfile /opt/openldap/var/run/slapd.pid
argsfile /opt/openldap/var/run/slapd.args
moduleload syncprov.la
moduleload accesslog.la
moduleload back_bdb.la
serverID 1

#######################################################################
# BDB database definitions
#######################################################################

database bdb
suffix "dc=example,dc=com"
rootdn "cn=manager,dc=example,dc=com"
rootpw {SSHA}zViBuH78jtg/BKtT1sZHNp7gwWnlCWDk
directory /opt/openldap/var/openldap-data
checkpoint 10240 720
cachesize 50000
dbconfig set_cachesize 0 524288000 1
dbconfig set_lk_max_locks 3000
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_lockers 1500
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
syncrepl rid=001
  provider=ldap://ldap2.example.com:389
  binddn="cn=manager,dc=example,dc=com"
  bindmethod=simple
  credentials=password
  searchbase="dc=example,dc=com"
  type=refreshAndPersist
  interval=00:00:00:01
  retry="60 +"
  schemachecking=on

index objectClass eq
index entryUUID eq
index entryCSN eq

mirrormode on
overlay syncprov
syncprov-nopresent TRUE
syncprov-reloadhint TRUE
syncprov-checkpoint 100 1
ldap2:
-----------------------------
include /opt/openldap/etc/openldap/schema/core.schema
pidfile /opt/openldap/var/run/slapd.pid
argsfile /opt/openldap/var/run/slapd.args
moduleload syncprov.la
moduleload accesslog.la
moduleload back_bdb.la
serverID 2

#######################################################################
# BDB database definitions
#######################################################################

database bdb
suffix "dc=example,dc=com"
rootdn "cn=manager,dc=example,dc=com"
rootpw {SSHA}zViBuH78jtg/BKtT1sZHNp7gwWnlCWDk
directory /opt/openldap/var/openldap-data
checkpoint 10240 720
cachesize 50000
dbconfig set_cachesize 0 524288000 1
dbconfig set_lk_max_locks 3000
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_lockers 1500
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
syncrepl rid=001
  provider=ldap://ldap1.example.com:389
  binddn="cn=manager,dc=example,dc=com"
  bindmethod=simple
  credentials=password
  searchbase="dc=example,dc=com"
  type=refreshAndPersist
  interval=00:00:00:01
  retry="60 +"
  schemachecking=on

index objectClass eq
index entryUUID eq
index entryCSN eq

mirrormode on
overlay syncprov
syncprov-nopresent TRUE
syncprov-reloadhint TRUE
syncprov-checkpoint 100 1
Here is the logging output at level 16384:
ldap1:
-----------------------------
51401797 bdb_monitor_db_open: monitoring disabled; configure monitor database to enable
51401797 slapd starting
51401797 do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - REFRESH_DELETE
514017ae do_syncrep2: rid=001 (-1) Can't contact LDAP server
514017ae do_syncrepl: rid=001 rc -1 retrying
514017c9 slap_queue_csn: queing 0x7fa53f0c5020 20130313060809.655329Z#000000#001#000000
514017c9 slap_graduate_commit_csn: removing 0x7fa530100910 20130313060809.655329Z#000000#001#000000
514017cc syncprov_search_response: cookie=rid=001,sid=001,csn=20130313060809.655329Z#000000#001#000000;20130313054634.762054Z#000000#002#000000
514017e8 slap_queue_csn: queing 0x7fa53e8c4470 20130313060840.173887Z#000000#001#000000
514017e8 slap_graduate_commit_csn: removing 0x7fa534101170 20130313060840.173887Z#000000#001#000000
514017ea slap_client_connect: URI=ldap://ldap2.example.com:389 DN="cn=manager,dc=example,dc=com" ldap_sasl_bind_s failed (-1)
514017ea do_syncrepl: rid=001 rc -1 retrying
514017ed syncprov_search_response: cookie=rid=001,sid=001,csn=20130313060840.173887Z#000000#001#000000;20130313054634.762054Z#000000#002#000000
51401826 do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - REFRESH_DELETE
ldap2:
-----------------------------
514017ed bdb_monitor_db_open: monitoring disabled; configure monitor database to enable
514017ed slapd starting
514017ed do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - REFRESH_DELETE
514017ed do_syncrep2: rid=001 cookie=rid=001,sid=001,csn=20130313060840.173887Z#000000#001#000000;20130313054634.762054Z#000000#002#000000
514017ed slap_queue_csn: queing 0x7f5070109540 20130313060840.173887Z#000000#001#000000
514017ed slap_graduate_commit_csn: removing 0x7f50701096b0 20130313060840.173887Z#000000#001#000000
Here's the command I'm using on the client to perform the delete, while ldap2 is offline:

ldapdelete -h ldap1 -x -r -D "cn=manager,dc=example,dc=com" -w password "ou=groups,dc=example,dc=com"
Let me know if you want any further information.
I'm sure it's something stupid I'm missing, but would appreciate any assistance with this.
Cheers, Adam