On Fri, Jan 29, 2010 at 2:16 PM, Quanah Gibson-Mount quanah@zimbra.comwrote:
--On Friday, January 29, 2010 1:56 PM -0700 Hung Luu hung.n.luu@gmail.com wrote:
Hello all,
In a syncrepl setup, I understand that the syncrepl specification is defined on the consumer server. I understand this to mean that I should apply my LDIF (that adds the olcSyncrepl attribute to my config and hdb backends) on the consumer server. However, ldapadd was only successful in configuring my config backend for syncrepl, which is defined first in the LDIF, and failed with LDAP error 53 when attempting to add the olcSyncrepl attribute to my hdb backend; additional error info: "shadow context; no update referral."
Is this because the olcSyncrepl attribute added to my config backend already established my consumer server as a replica and hence subsequent writes to the consumer server will not be accepted?
Ideally, I wanted to add the syncrepl configuration in my slapd.conf and then convert it to cn=config; however, this doesn't appear to work with 2.4.21 because the slaptest added a uri="" to the olcSyncrepl attribute that running slapd complained of an invalid URL for olcSyncrepl. This is not an issue in 2.4.20.
Anyway, what's the right way for me to configure syncrepl on my 2.4.21 consumer server for both the config and hdb backends?
It works for me with 2.4.21:
dn: olcDatabase={2}hdb,cn=config changetype: modify add: olcSyncrepl olcSyncrepl: rid=100 provider=${ldap_master_url} bindmethod=si mple timeout=0 network-timeout=0 binddn=uid=zmreplica,cn=admins,cn=zimbra c redentials=${ldap_replication_password} starttls=critical filter="(objectclass=*)" searchbase="" logfilter="(&(objectClass=auditWriteObject)(reqResult=0))" logbase=cn=access log scope=sub schemachecking=off type=refreshAndPersist retry="60 +" syncdat a=accesslog tls_cacertdir=/opt/zimbra/conf/ca
is the LDIF I use to ldapmodify my entry.
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc
Zimbra :: the leader in open source messaging and collaboration
Are you able to get it to work with ldapadd as well? I'm getting a segmentation fault using ldapmodify (installed as part of openldap-clients.x86_64 rpm 2.3.43-3.el5).
Here's my LDIF file:
dn: olcDatabase={0}config,cn=config changetype: modify add: olcSyncrepl olcSyncrepl: rid=000 provider="ldap://provider:389" type=refreshAndPersist retry="5 5 300 +" searchbase="cn=config" attrs="*,+" bindmethod=simple binddn="cn=ldap,ou=services,dc=example,dc=com" credentials=secret
dn: olcDatabase={1}hdb,cn=config changetype: modify add: olcSyncrepl olcSyncrepl: rid=001 provider="ldap://provider:389" type=refreshAndPersist retry="5 5 300 +" searchbase="dc=example,dc=com" attrs="*,+" bindmethod=simple binddn="cn=ldap,ou=services,dc=example,dc=com" credentials=secret
Something else that I tried that seems to get syncrepl working on 2.4.21 is to use a slapd.d converted from a 2.4.20 slapd.conf, but I'm a little uneasy about it.
Thanks, Hung.