Hi,
I'm using a configuration with two slapd servers, master and replica. The problem is that replica is constantly desyncing. I'm monitoring it's number of users and groups and the cound of members of one particular group. Users and group entities are always in sync, but entities like groupOfUniqueNames are desyncing - they are not receiveing deltas from master, keeping their members count constant.
My config (done according to the documentation):
===Cut=== overlay syncprov syncprov-checkpoint 100 10 syncprov-sessionlog 100
syncrepl rid=123 provider=ldap://xx.xx.xx.xx:389 type=refreshAndPersist interval=00:00:10:00 retry="60 10 300 +" filter="(objectClass=*)" searchbase="dc=my,dc=domain" attrs="*,+" schemachecking=off bindmethod=simple binddn="uid=proxy,ou=accounts,ou=internal,dc=my,dc=domain" credentials=XXXXXXXXXXXXXX ===Cut===
I've also tried the refreshOnly method, which gave me same result. In order to resync replica I have to flush the directory contents each time and restart the slapd. I'm also suspecting that this desyncing happens because for some reason replica slapd isn't refreshing attribute values, only entities themselves: today I found a user, which userPassword attributes were out of sync on the replica. As far as I understand the documentation, syncrepl should sync the attributes.
And the last question - is there any simple way to enable logging of syncrepl warnings and errors ? My experience with openldap logging tells me there's to mode of logging - "none" and "generate 10Gb of logs per day", but may me it's just me.
Thanks. Eugene.