Hey guys, how are you doing?
Well, I have the following environment:
**Server 1:**
/etc/openldap/slapd.conf ( Port 389 )
modulepath /usr/local/openldap/lib64/
moduleload back_ldap
moduleload translucent
moduleload dynlist
moduleload back_monitor
backend mdb
backend ldap
allow bind_v2
allow bind_anon_dn
database mdb
directory /usr/local/openldap/var/openldap-translucent
suffix "dc=br"
rootdn "ZZZZZZ"
rootpw ZZZZZZZ
maxsize 4294967296
sizelimit 100000
overlay translucent
uri "ldap://localhost:1389/"
translucent_bind_local on
translucent_pwmod_local on
translucent_local XXXXX
idassert-bind bindmethod=none
overlay dynlist
dynlist-attrset groupOfURLs memberURL member:uniqueMember
On port 1389:
/etc/openldap/slapd-syncrepl.conf
# syncrepl directives
syncrepl rid=0
    provider=ldap://Production_Server:389
    bindmethod=simple
    binddn="ZZZZZZZZZZZZZZZ"
    credentials=XXXXXXXXX
    searchbase="dc=br"
    logbase="cn=accesslog"
    logfilter="(&(objectClass=auditWriteObject)(reqResult=0))"
    type=refreshAndPersist
    retry="60 +"
    syncdata=accesslog
# Refer updates to the master
updateref ldap://Production_Server:389
**Server 2:**
Same Configuration
Now, I need to add a new server, but without a translucent configuration, only a consumer.
So, I tried this:
modulepath /usr/local/openldap/lib64/
moduleload back_ldap
moduleload translucent
moduleload dynlist
moduleload back_monitor
backend mdb
backend ldap
allow bind_v2
allow bind_anon_dn
# Modules for Delta-syncrepl
modulepath /usr/local/openldap/lib64
moduleload accesslog
moduleload syncprov
moduleload dynlist
moduleload back_hdb
database hdb
suffix cn=accesslog
directory /usr/local/openldap/var/openldap-accesslog
rootdn cn=accesslog
rootpw XXXXXXXXXXXXXXXXXXXXXXXXX
checkpoint 256 30
index default eq
index entryCSN,objectClass,reqEnd,reqResult,reqStart
# Replication
overlay syncprov
syncprov-nopresent TRUE
syncprov-reloadhint TRUE
limits dn.exact="XXXXXXXX" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited
database mdb
directory /usr/local/openldap/var/openldap-translucent
suffix "dc=br"
rootdn "XXXXXXXXXXXXX"
rootpw XXXXXXXXXXXXXXXXXXXXX
maxsize 4294967296
sizelimit 100000
checkpoint 256 30
overlay translucent
uri "ldap://localhost:1389/"
translucent_bind_local on
translucent_pwmod_local on
translucent_local XXXXXXXXXXXXXXXXXXXXXXXXX
idassert-bind bindmethod=none
overlay dynlist
dynlist-attrset groupOfURLs memberURL member:uniqueMember
# syncrepl Provider for primary db
overlay syncprov
syncprov-checkpoint 1000 60
# accesslog overlay definitions for primary db
overlay accesslog
logdb cn=accesslog
logops writes
logsuccess TRUE
logpurge 07+00:00 01+00:00
But I got this error:
55c25369 hdb_db_open: "cn=accesslog"
55c25369 hdb_db_open: database "cn=accesslog": unclean shutdown detected; attempting recovery.
55c25369 hdb_db_open: warning - no DB_CONFIG file found in directory /usr/local/openldap/var/openldap-accesslog: (2).
Expect poor performance for suffix "cn=accesslog".
55c25369 hdb_db_open: database "cn=accesslog": recovery skipped in read-only mode. Run manual recovery if errors are encountered.
55c25369 mdb_db_open: "dc=br"
55c25369 syncprov_db_open: invalid config, lastmod must be enabled
55c25369 backend_startup_one (type=mdb, suffix="dc=br"): bi_db_open failed! (-1)
slap_startup failed (test would succeed using the -u switch)
What is wrong?
Thanks!