Hi There,
I am using openldap 2.4.23 and trying to set up mirror mode replciation with 2 masters
I have been able to set this up and the sync initially appeared to work fine . However, i noticed that the password resets are not getting synced . I am able to login to one of the master server on which I did the change but not on the other and any of the clients.
Heres my slapd.conf
serverID 1 database bdb suffix "dc=ldap,dc=qa,dc=test,dc=com" checkpoint 1024 15 rootdn "cn=ldapadmin,dc=ldap,dc=qa,dc=test,dc=com" loglevel 256 sizelimit 500 rootpw secret overlay ppolicy ppolicy_default "cn=default,ou=policies,dc=ldap,dc=qa,dc=test,dc=com" ppolicy_use_lockout ppolicy_hash_cleartext directory /mnt1/ldapdata
index objectClass eq,pres index ou,cn,mail,surname,givenname eq,pres,sub index uidNumber,gidNumber,loginShell eq,pres index uid,memberUid eq,pres,sub index nisMapName,nisMapEntry eq,pres,sub index entryCSN,entryUUID eq syncrepl rid=001 provider="ldaps://ldap1-test" binddn="uid=syncrepl,ou=People,dc=ldap,dc=qa,dc=test,dc=com" bindmethod=simple credentials="secret" searchbase="dc=ldap,dc=qa,dc=test,dc=com" type=refreshAndPersist interval=00:00:00:10 retry="5 10 60 +" timeout=1 schemachecking=off scope=sub tls_cacert=/etc/openldap/sslcerts/Standby.pem
mirrormode true overlay syncprov syncprov-checkpoint 50 10 syncprov-sessionlog 100
any inputs on how can i get through this issue.
Thanks,
Rakesh
--On Thursday, February 26, 2015 10:31 PM +0530 Rakesh Rajasekharan rakesh.rajasekharan@gmail.com wrote:
Hi There,
I am using openldap 2.4.23
Why? I would strongly advise you to read the change log for OpenLDAP in the years since 2.4.23 was released.
--Quanah
--
Quanah Gibson-Mount Platform Architect Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
My bad, I was logged in on anther host at that point. I am actually running 2.4.39,had isntalled using yum.\
When i change the password on one of the masters, on the other running a "slapd-d sync" gives me the below logs
54f02a99 do_syncrep2: rid=002 LDAP_RES_INTERMEDIATE - REFRESH_DELETE 54f02ac1 do_syncrep2: rid=002 cookie=rid=002,sid=002,csn=20150227082849.946711Z#000000#002#000000 54f02ac1 syncrepl_message_to_entry: rid=002 DN: uid=sam,ou=People,dc=ldap,dc=qa,dc=test,dc=com, UUID: 939083ce-5221-1034-8cd3-75f783d284f6 54f02ac1 syncrepl_entry: rid=002 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_MODIFY) 54f02ac1 syncrepl_entry: rid=002 be_search (0) 54f02ac1 syncrepl_entry: rid=002 uid=sam,ou=People,dc=ldap,dc=qa,dc=test,dc=com 54f02ac1 slap_queue_csn: queing 0x7f7004109670 20150227082849.946711Z#000000#002#000000 54f02ac1 syncprov_matchops: skipping original sid 002 54f02ac1 syncprov_matchops: skipping original sid 002 54f02ac1 slap_graduate_commit_csn: removing 0x7f700410f7b0 20150227082849.946711Z#000000#002#000000 54f02ac1 syncrepl_entry: rid=002 be_modify uid=sam,ou=People,dc=ldap,dc=qa,dc=test,dc=com (0) 54f02ac1 slap_queue_csn: queing 0x7f7004109670 20150227082849.946711Z#000000#002#000000 54f02ac1 slap_graduate_commit_csn: removing 0x7f700410d730 20150227082849.946711Z#000000#002#000000 54f02ac1 do_syncrep2: rid=002 cookie=rid=002,sid=002,csn=20150227082849.974298Z#000000#002#000000 54f02ac1 syncrepl_message_to_entry: rid=002 DN: uid=sam,ou=People,dc=ldap,dc=qa,dc=test,dc=com, UUID: 939083ce-5221-1034-8cd3-75f783d284f6 54f02ac1 syncrepl_entry: rid=002 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_MODIFY) 54f02ac1 syncrepl_entry: rid=002 be_search (0) 54f02ac1 syncrepl_entry: rid=002 uid=sam,ou=People,dc=ldap,dc=qa,dc=test,dc=com 54f02ac1 slap_queue_csn: queing 0x7f6ffc103830 20150227082849.974298Z#000000#002#000000 54f02ac1 syncprov_matchops: skipping original sid 002 54f02ac1 slap_graduate_commit_csn: removing 0x7f6ffc104920 20150227082849.974298Z#000000#002#000000 54f02ac1 syncprov_matchops: skipping original sid 002 54f02ac1 syncrepl_entry: rid=002 be_modify uid=sam,ou=People,dc=ldap,dc=qa,dc=test,dc=com (0) 54f02ac1 slap_queue_csn: queing 0x7f6ffc103830 20150227082849.974298Z#000000#002#000000 54f02ac1 slap_graduate_commit_csn: removing 0x7f6ffc104bf0 20150227082849.974298Z#000000#002#000000
" syncprov_matchops: skipping original sid 002"
I have seen few others also having raised similar issues but could not find a possible solution.
Would upgrading 2.4.40 help?
Thanks,
Rakesh
On Thu, Feb 26, 2015 at 11:22 PM, Michael Ströder michael@stroeder.com wrote:
Rakesh Rajasekharan wrote:
I am using openldap 2.4.23 and trying to set up mirror mode replciation with 2 masters
Before doing anything else you should upgrade to recent OpenLDAP release.
Ciao, Michael.
openldap-technical@openldap.org
-
Michael Ströder -
Quanah Gibson-Mount -
Rakesh Rajasekharan