On Tue, Jun 23, 2009 at 2:36 AM, Fernando Silva
<fernandolrsilva@gmail.com> wrote:
Hi all,
I'm trying to setup a Mirror Mode configuration using 2 machines running OpenLDAP v2.4.11 on both. To make things easy both machines are on the same (private) network.
Here's a sample of both my slapd.conf:
Machine 1:
-----------
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
##### Mirror Mode
serverID 001
loglevel 16384
modulepath /usr/lib/ldap
moduleload back_hdb
moduleload syncprov.la
moduleload syncprov.so
sizelimit 500
tool-threads 1
backend hdb
database hdb
suffix "dc=MyDomain"
rootdn "cn=admin,dc=MyDomain"
rootpw {SSHA}secret
directory "/var/lib/ldap"
dbconfig set_cachesize 0 2097152 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500
lastmod on
checkpoint 512 30
access to *
by dn="cn=admin,dc=MyDomain" write
by * read
# Consumer
syncrepl rid=001
provider=ldap://192.168.1.2
bindmethod=simple
binddn="cn=admin,dc=MyDomain"
credentials=secret
searchbase="dc=MyDomain"
attrs="*,+"
schemachecking=off
type=refreshOnly
interval=00:00:1:00 #forcing to be only one minute
retry="10 10 60 10 +"
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
index objectclass,entryCSN,entryUUID eq
# Provider
overlay syncprov
syncprov-checkpoint 50 1
syncprov-sessionlog 50
mirrormode on
Machine 2:
-----------
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
##### Mirror Mode
serverID 002
loglevel 16384
modulepath /usr/lib/ldap
moduleload back_hdb
moduleload syncprov.la
moduleload syncprov.so
sizelimit 500
tool-threads 1
backend hdb
database hdb
suffix "dc=MyDomain"
rootdn "cn=admin,dc=MyDomain"
rootpw {SSHA}secret
directory "/var/lib/ldap"
dbconfig set_cachesize 0 2097152 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500
lastmod on
checkpoint 512 30
access to *
by dn="cn=admin,dc=MyDomain" write
by * read
# Consumer
syncrepl rid=001
provider=ldap://192.168.1.1
bindmethod=simple
binddn="cn=admin,dc=MyDomain"
credentials=secret
searchbase="dc=MyDomain"
attrs="*,+"
schemachecking=off
type=refreshOnly
interval=00:00:1:00 #forcing to be only one minute
retry="10 10 60 10 +"
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
index objectclass,entryCSN,entryUUID eq
# Provider
overlay syncprov
syncprov-checkpoint 50 1
syncprov-sessionlog 50
mirrormode on
I'm using Ubuntu 8.10 inside a VMWare image, but both images are running on independent machines and the network on both is Bridge Mode. All seems well according to OpenLDAP manual, but maybe I'm missing something. I start both servers using "slapd -d sync" in order to filter only the sync part.
I created a script to insert 200 employees in my directory, to force the servers to sync up. When I start both servers and insert the employees in machine 1, I get this too much lines with this sample:
slap_queue_csn: queing 0xb6851b4a 20090623082909.571025Z#000000#000#000000
slap_graduate_commit_csn: removing 0xb82165c8 20090623082909.571025Z#000000#000#000000
So the CSN is being created (I think), but there's no sync to machine 2, which makes me frustated. . .
I'd appreciate any comments you can have, especially if you already have this kind of setup running.
Best regards,
Fernando