Hi,

 

I have noticed a problem in OpenLDAP multimaster 2.4.44 with MDB backend.

I did the following steps:

i)                    Add four entries into Master 1 (using slapadd with option -w).

ii)                   Configure Master 1 and Master 2 in Multi Master mode. Syncrepl information is given below:

##############

Master1 Starts port (2016)

##############

syncRepl rid=100

  provider=ldap://xx.xx.xx.xx:2017

        type=refreshAndPersist

        retry="5 + 5 +"

  searchbase="dc=my-domain,dc=com"

        attrs=*

        interval=00:00:00:09

        schemachecking=off

        bindmethod=simple

  binddn="cn=Manager, dc=my-domain,dc=com"

        credentials=secret

 

mirrormode on

 

overlay syncprov

# contextCSN saved to database every 100 updates or ten minutes

syncprov-checkpoint 100 10

syncprov-sessionlog 100

##############

Master1 Ends

##############

 

##############

Master2 Starts port (2017)

##############

syncRepl rid=100

  provider=ldap://xx.xx.xx.xx:2016

        type=refreshAndPersist

        retry="5 + 5 +"

  searchbase="dc=my-domain,dc=com"

        attrs=*

        interval=00:00:00:09

        schemachecking=off

        bindmethod=simple

  binddn="cn=Manager, dc=my-domain,dc=com"

        credentials=secret

 

mirrormode on

 

overlay syncprov

# contextCSN saved to database every 100 updates or ten minutes

syncprov-checkpoint 100 10

syncprov-sessionlog 100

##############

Master2 Ends

##############

 

iii)                 These four entries get replicated on the Master 2 correctly and are visible from ldap browser accurately.

iv)                 Add three more entries to Master 1. (using slapadd with option -w)

v)                  After restarting both Master 1 and Master 2, on Ldap Browser the new added entries are visible in Master 1 correctly. But in Master 2, all the previous entries got missing. Ldap browser is giving error “No entries returned” ( It seems just like Master 2 DB got empty)

vi)                 But then I execute ldapsearch command on Master 2 as given below:

###################################################

ldapsearch -h xx.xx.xx.xx -p 2017 -b "dc=my-domain,dc=com"

###################################################

The above command returns all the entries exactly same to the Master 1 with the below search response:

# search result

search: 2

result: 0 Success

 

# numResponses: 10

# numEntries: 9

 

Now I am unable to understand how it this possible that the entries exist in the DB but not showing through Ldap browser. ( I have checked Master 2 entries in different ldap browsers too)

But it is just showing empty DB. Master 1 entries are showing correctly in Ldap browser.

 

Context CSN for both the servers is same as given below:

##################################

ldapsearch -H ldap://xx.xx.xx.xx:2016 -LLL -x -s base -b "dc=my-domain,dc=com" contextCSN

dn: "dc=my-domain,dc=com"

contextCSN: 20160705065521.205150Z#000000#000#000000

 

ldapsearch -H ldap://xx.xx.xx.xx:2017 -LLL -x -s base -b "dc=my-domain,dc=com" contextCSN

dn: "dc=my-domain,dc=com"

contextCSN: 20160705065521.205150Z#000000#000#000000

##################################

 

Can you please let me know how it can happen and how to solve this problem.

 

 

Best Regards,

Gurjot Kaur

 

"DISCLAIMER: This message is proprietary to Aricent and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. Aricent accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus."