On 31/08/2009 17:05, KISTER RAPHAEL wrote:
Hello,
I have to deploy an OpenLDAP in mirror mode and my OpenLDAP have 10 database. OpenLDAP is in 2.4.17 version and is deploy on Debian Lenny with Berkeley DB 4.6.
I would like to know if my config file is correct. Indeed, when i start my OpenLDAP and if i add some entries, these entries are not replicated on the second OpenLDAP.
Hi,
A quick look at your config brings 3 things to mind. However, to figure out why nothing is replicating, the best would probably be to start up both servers with loglevel sync.
1) You don't seem to have any replication in place for the top level database (suffix "dc=mycompany.com").
2) Each of your syncrepl statements contains 'filter="(entryUUID=*)"'. This is not necessary, but I presume this wouldn't actually cause replication problems.
3) Unrelated, but worth noting. The following ACLs will allow anonymous read access to cn=Monitor, although they seem to be designed not to. ACL are checked in order, and the 2nd ACL below allows anonymous read access to everything, so checking stops there and the 3rd ACL is never reached.
access to dn.base="" by * read access to * by self write by dn="cn=admin,cn=config" write by * read access to dn.subtree="cn=Monitor" by dn.exact="cn=admin,cn=config" write by users read by * none
Hope this helps, Jonathan
This is my config file for the first OpenLDAP :
# Global section serverID 1 # Inclusion des schemas include /usr/local/etc/openldap/schema/core.schema include /usr/local/etc/openldap/schema/spr.schema # -1 ALL, 0 NODEBUG, 8 CONNECTION MANAGMT, 32 SEARCH FILTER PROCESS, 128 ACCESS CTRL, 256 STAT LOG (CON, OP, RES), 512 STAT LOG ENTRIES SENT, 16384 SYNC loglevel 0 # The maximum number of entries that is returned for a search operation sizelimit 500 # The tool-threads parameter sets the actual amount of cpu's that is used # for indexing. tool-threads 16 threads 32 pidfile /var/run/slapd.pid argsfile /var/run/slapd.args modulepath /usr/local/lib moduleload back_hdb moduleload back_ldap moduleload back_monitor moduleload syncprov.la access to dn.base="" by * read access to * by self write by dn="cn=admin,cn=config" write by * read access to dn.subtree="cn=Monitor" by dn.exact="cn=admin,cn=config" write by users read by * none backend hdb ####################################################################### # BDB database definitions ####################################################################### database monitor # Dynamic Config database config rootdn "cn=admin,cn=config" rootpw secret ############################################################################################ # Base Suffix 0 database hdb suffix "suffix=0,dc=mycompany.com" rootdn "cn=admin,cn=config" subordinate directory /u10/openldap cachesize 200000 cachefree 10000 shm_key 1 dbconfig set_cachesize 0 268435456 1 dbconfig set_shm_key 1 dbconfig set_lg_regionmax 1048576 dbconfig set_lg_max 52428800 dbconfig set_lg_bsize 2097152 dbconfig set_tx_max 100 dbconfig set_lg_dir /u9/db-logs dbconfig set_flags DB_LOG_AUTOREMOVE #dbconfig set_flags DB_TXN_NOSYNC index objectClass eq index msisdn eq # Index specifiques a la synchronisation index entryCSN eq index entryUUID eq index contextCSN eq # syncrepl directive syncrepl rid=1 type=refreshAndPersist provider=ldap://10.104.249.26 bindmethod=simple binddn="cn=admin,cn=config" credentials=secret searchbase="suffix=0,dc=mycompany.com" filter="(entryUUID=*)" sizelimit="unlimited" timelimit="unlimited" schemachecking=on retry="60 +" mirrormode on # define the provider to use the syncprov overlay # (last directives in database section) overlay syncprov syncprov-checkpoint 100 10 ############################################################################################ # Base Suffix 1 database hdb suffix "suffix=1,dc=mycompany.com" rootdn "cn=admin,cn=config" subordinate directory /u1/openldap cachesize 200000 cachefree 10000 shm_key 11 dbconfig set_cachesize 0 268435456 1 dbconfig set_shm_key 11 dbconfig set_lg_regionmax 1048576 dbconfig set_lg_max 52428800 dbconfig set_lg_bsize 2097152 dbconfig set_tx_max 100 dbconfig set_lg_dir /u2/db-logs dbconfig set_flags DB_LOG_AUTOREMOVE #dbconfig set_flags DB_TXN_NOSYNC index objectClass eq index msisdn eq # Index specifiques a la synchronisation index entryCSN eq index entryUUID eq index contextCSN eq # syncrepl directive syncrepl rid=2 type=refreshAndPersist provider=ldap://10.104.249.26 bindmethod=simple binddn="cn=admin,cn=config" credentials=secret searchbase="suffix=1,dc=mycompany.com" filter="(entryUUID=*)" sizelimit="unlimited" timelimit="unlimited" schemachecking=on retry="60 +" mirrormode on # define the provider to use the syncprov overlay # (last directives in database section) overlay syncprov syncprov-checkpoint 100 10 ############################################################################################ # Base Suffix 2 database hdb suffix "suffix=2,dc=mycompany.com" rootdn "cn=admin,cn=config" subordinate directory /u2/openldap cachesize 200000 cachefree 10000 shm_key 21 dbconfig set_cachesize 0 268435456 1 dbconfig set_shm_key 21 dbconfig set_lg_regionmax 1048576 dbconfig set_lg_max 52428800 dbconfig set_lg_bsize 2097152 dbconfig set_tx_max 100 dbconfig set_lg_dir /u1/db-logs dbconfig set_flags DB_LOG_AUTOREMOVE #dbconfig set_flags DB_TXN_NOSYNC index objectClass eq index msisdn eq # Index specifiques a la synchronisation index entryCSN eq index entryUUID eq index contextCSN eq # syncrepl directive syncrepl rid=3 type=refreshAndPersist provider=ldap://10.104.249.26 bindmethod=simple binddn="cn=admin,cn=config" credentials=secret searchbase="suffix=2,dc=mycompany.com" filter="(entryUUID=*)" sizelimit="unlimited" timelimit="unlimited" schemachecking=on retry="60 +" mirrormode on # define the provider to use the syncprov overlay # (last directives in database section) overlay syncprov syncprov-checkpoint 100 10 ############################################################################################ # Base Suffix 3 database hdb suffix "suffix=3,dc=mycompany.com" rootdn "cn=admin,cn=config" subordinate directory /u3/openldap cachesize 200000 cachefree 10000 shm_key 31 dbconfig set_cachesize 0 268435456 1 dbconfig set_shm_key 31 dbconfig set_lg_regionmax 1048576 dbconfig set_lg_max 52428800 dbconfig set_lg_bsize 2097152 dbconfig set_tx_max 100 dbconfig set_lg_dir /u4/db-logs dbconfig set_flags DB_LOG_AUTOREMOVE #dbconfig set_flags DB_TXN_NOSYNC index objectClass eq index msisdn eq # Index specifiques a la synchronisation index entryCSN eq index entryUUID eq index contextCSN eq # syncrepl directive syncrepl rid=4 type=refreshAndPersist provider=ldap://10.104.249.26 bindmethod=simple binddn="cn=admin,cn=config" credentials=secret searchbase="suffix=3,dc=mycompany.com" filter="(entryUUID=*)" sizelimit="unlimited" timelimit="unlimited" schemachecking=on retry="60 +" mirrormode on # define the provider to use the syncprov overlay # (last directives in database section) overlay syncprov syncprov-checkpoint 100 10 ############################################################################################ # Base Suffix 4 database hdb suffix "suffix=4,dc=mycompany.com" rootdn "cn=admin,cn=config" subordinate directory /u4/openldap cachesize 200000 cachefree 10000 shm_key 41 dbconfig set_cachesize 0 268435456 1 dbconfig set_shm_key 41 dbconfig set_lg_regionmax 1048576 dbconfig set_lg_max 52428800 dbconfig set_lg_bsize 2097152 dbconfig set_tx_max 100 dbconfig set_lg_dir /u3/db-logs dbconfig set_flags DB_LOG_AUTOREMOVE #dbconfig set_flags DB_TXN_NOSYNC index objectClass eq index msisdn eq # Index specifiques a la synchronisation index entryCSN eq index entryUUID eq index contextCSN eq # syncrepl directive syncrepl rid=5 type=refreshAndPersist provider=ldap://10.104.249.26 bindmethod=simple binddn="cn=admin,cn=config" credentials=secret searchbase="suffix=4,dc=mycompany.com" filter="(entryUUID=*)" sizelimit="unlimited" timelimit="unlimited" schemachecking=on retry="60 +" mirrormode on # define the provider to use the syncprov overlay # (last directives in database section) overlay syncprov syncprov-checkpoint 100 10 ############################################################################################ # Base Suffix 5 database hdb suffix "suffix=5,dc=mycompany.com" rootdn "cn=admin,cn=config" subordinate directory /u5/openldap cachesize 200000 cachefree 10000 shm_key 51 dbconfig set_cachesize 0 268435456 1 dbconfig set_shm_key 51 dbconfig set_lg_regionmax 1048576 dbconfig set_lg_max 52428800 dbconfig set_lg_bsize 2097152 dbconfig set_tx_max 100 dbconfig set_lg_dir /u6/db-logs dbconfig set_flags DB_LOG_AUTOREMOVE #dbconfig set_flags DB_TXN_NOSYNC index objectClass eq index msisdn eq # Index specifiques a la synchronisation index entryCSN eq index entryUUID eq index contextCSN eq # syncrepl directive syncrepl rid=6 type=refreshAndPersist provider=ldap://10.104.249.26 bindmethod=simple binddn="cn=admin,cn=config" credentials=secret searchbase="suffix=5,dc=mycompany.com" filter="(entryUUID=*)" sizelimit="unlimited" timelimit="unlimited" schemachecking=on retry="60 +" mirrormode on # define the provider to use the syncprov overlay # (last directives in database section) overlay syncprov syncprov-checkpoint 100 10 ############################################################################################ # Base Suffix 6 database hdb suffix "suffix=6,dc=mycompany.com" rootdn "cn=admin,cn=config" subordinate directory /u6/openldap cachesize 200000 cachefree 10000 shm_key 61 dbconfig set_cachesize 0 268435456 1 dbconfig set_shm_key 61 dbconfig set_lg_regionmax 1048576 dbconfig set_lg_max 52428800 dbconfig set_lg_bsize 2097152 dbconfig set_tx_max 100 dbconfig set_lg_dir /u5/db-logs dbconfig set_flags DB_LOG_AUTOREMOVE #dbconfig set_flags DB_TXN_NOSYNC index objectClass eq index msisdn eq # Index specifiques a la synchronisation index entryCSN eq index entryUUID eq index contextCSN eq # syncrepl directive syncrepl rid=7 type=refreshAndPersist provider=ldap://10.104.249.26 bindmethod=simple binddn="cn=admin,cn=config" credentials=secret searchbase="suffix=6,dc=mycompany.com" filter="(entryUUID=*)" sizelimit="unlimited" timelimit="unlimited" schemachecking=on retry="60 +" mirrormode on # define the provider to use the syncprov overlay # (last directives in database section) overlay syncprov syncprov-checkpoint 100 10 ############################################################################################ # Base Suffix 7 database hdb suffix "suffix=7,dc=mycompany.com" rootdn "cn=admin,cn=config" subordinate directory /u7/openldap cachesize 200000 cachefree 10000 shm_key 71 dbconfig set_cachesize 0 268435456 1 dbconfig set_shm_key 71 dbconfig set_lg_regionmax 1048576 dbconfig set_lg_max 52428800 dbconfig set_lg_bsize 2097152 dbconfig set_tx_max 100 dbconfig set_lg_dir /u8/db-logs dbconfig set_flags DB_LOG_AUTOREMOVE #dbconfig set_flags DB_TXN_NOSYNC index objectClass eq index msisdn eq # Index specifiques a la synchronisation index entryCSN eq index entryUUID eq index contextCSN eq # syncrepl directive syncrepl rid=8 type=refreshAndPersist provider=ldap://10.104.249.26 bindmethod=simple binddn="cn=admin,cn=config" credentials=secret searchbase="suffix=7,dc=mycompany.com" filter="(entryUUID=*)" sizelimit="unlimited" timelimit="unlimited" schemachecking=on retry="60 +" mirrormode on # define the provider to use the syncprov overlay # (last directives in database section) overlay syncprov syncprov-checkpoint 100 10 ############################################################################################ # Base Suffix 8 database hdb suffix "suffix=8,dc=mycompany.com" rootdn "cn=admin,cn=config" subordinate directory /u8/openldap cachesize 200000 cachefree 10000 shm_key 81 dbconfig set_cachesize 0 268435456 1 dbconfig set_shm_key 81 dbconfig set_lg_regionmax 1048576 dbconfig set_lg_max 52428800 dbconfig set_lg_bsize 2097152 dbconfig set_tx_max 100 dbconfig set_lg_dir /u7/db-logs dbconfig set_flags DB_LOG_AUTOREMOVE #dbconfig set_flags DB_TXN_NOSYNC index objectClass eq index msisdn eq # Index specifiques a la synchronisation index entryCSN eq index entryUUID eq index contextCSN eq # syncrepl directive syncrepl rid=9 type=refreshAndPersist provider=ldap://10.104.249.26 bindmethod=simple binddn="cn=admin,cn=config" credentials=secret searchbase="suffix=8,dc=mycompany.com" filter="(entryUUID=*)" sizelimit="unlimited" timelimit="unlimited" schemachecking=on retry="60 +" mirrormode on # define the provider to use the syncprov overlay # (last directives in database section) overlay syncprov syncprov-checkpoint 100 10 ############################################################################################ # Base Suffix 9 database hdb suffix "suffix=9,dc=mycompany.com" rootdn "cn=admin,cn=config" subordinate directory /u9/openldap cachesize 200000 cachefree 10000 shm_key 91 dbconfig set_cachesize 0 268435456 1 dbconfig set_shm_key 91 dbconfig set_lg_regionmax 1048576 dbconfig set_lg_max 52428800 dbconfig set_lg_bsize 2097152 dbconfig set_tx_max 100 dbconfig set_lg_dir /u10/db-logs dbconfig set_flags DB_LOG_AUTOREMOVE #dbconfig set_flags DB_TXN_NOSYNC index objectClass eq index msisdn eq # Index specifiques a la synchronisation index entryCSN eq index entryUUID eq index contextCSN eq # syncrepl directive syncrepl rid=10 type=refreshAndPersist provider=ldap://10.104.249.26 bindmethod=simple binddn="cn=admin,cn=config" credentials=secret searchbase="suffix=9,dc=mycompany.com" filter="(entryUUID=*)" sizelimit="unlimited" timelimit="unlimited" schemachecking=on retry="60 +" mirrormode on # define the provider to use the syncprov overlay # (last directives in database section) overlay syncprov syncprov-checkpoint 100 10 ############################################################################################ # Base racine database hdb suffix "dc=mycompany.com" rootdn "cn=admin,cn=config" directory /u0/openldap dbconfig set_cachesize 0 268435456 1 dbconfig set_lg_regionmax 1048576 dbconfig set_lg_max 52428800 dbconfig set_lg_bsize 2097152 dbconfig set_tx_max 100 dbconfig set_lg_dir /u0/db-logs dbconfig set_flags DB_LOG_AUTOREMOVE #dbconfig set_flags DB_TXN_NOSYNC index objectClass eq index msisdn eq index entryCSN eq index entryUUID eq index contextCSN eq ############################################################################################
The second file is the same, but serverID is 2 and i invert the provider for the replication.
Is this config is correct or i have to change something in order to have mirror sync to work ? Thank you for your help.
Raph