Hello everyone,

I have a problem with a simple master/slave syncrepl replication setup. Everytime I restart the slave it goes back to an empty state and then syncs about only 200 entries from thousands in the master.

From then on it gets the update events from the master fine.

I have tried some of the things suggested in this mailing list but none have worked so far. For example I tried initializing the slave with a full slapcat of the master after deleting all files from /var/lib/ldap/ , but when I start the slave it deletes ALL entries and starts over.

The master is debian etch with 2.3.30-5+etch2 ( critical, not easy to update )

The slave is 2.3.43 RHEL

The slave config is :

syncrepl rid=100 provider=ldaps://xxxxxxxxxxxxxx:636 type=refreshOnly tls_cert=/var/lib/ldap/ssl/clientcert.pem tls_key=/var/lib/ldap/ssl/clientkey.pem tls_cacert=/var/lib/ldap/ssl/cacert.pem interval=00:00:01:00 retry="5 60" searchbase="dc=xxxx" filter="(objectClass=*)" scope=sub schemachecking=off bindmethod=simple binddn="cn=xxxxx,dc=xxxx" credentials=xxxxxx

slapd is started with options "-c rid=100,csn=0"

( the real values are obscured for security, sorry )

I switched to refreshOnly because the connection passes through a strict firewall, and I read that the persistent connection of refreshAndPersist has problems with that.

Any help is appreciated. Thanks.