Hello
when I modify the mail attribute on the master, the attribute is correctly replicated on the replica, but the modifyTimeStamp isn't !? shouldn't it be modified !?
The master is runing openldap-servers-2.3.43-12.el5_7.10 the replica that failes to replicate modifyTimeStamp is an openldap-servers-2.4.23-20.el6.i686 on a openldap-servers-2.3.43-12.el5_7.10 replica, modifyTimeStamp is correctly updated ! could it be a openldap version incompatibility ? or perhaps an ACL miss-configuration !?
Thanks for your help .
--On Monday, April 02, 2012 5:41 PM +0200 jehan procaccia jehan.procaccia@it-sudparis.eu wrote:
or perhaps an ACL miss-configuration !?
You fail to state what type of replication you are using with OpenLDAP 2.3. Regardless, this would be due to an ACL issue or a misconfiguration of your replication setup.
--Quanah
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
Le 02/04/2012 20:25, Quanah Gibson-Mount a écrit :
--On Monday, April 02, 2012 5:41 PM +0200 jehan procaccia jehan.procaccia@it-sudparis.eu wrote:
or perhaps an ACL miss-configuration !?
You fail to state what type of replication you are using with OpenLDAP 2.3. Regardless, this would be due to an ACL issue or a misconfiguration of your replication setup.
--Quanah
I use syncrepl replication, either on the openldap 2.3 master and replica which works fine the same configuration (see below) fails to replicate modifyTimeStamp on a 2.4 replica .
syncrepl rid=001 provider=ldaps://master.it-sudparis.eu type=refreshAndPersist searchbase="dc=int-evry,dc=fr" filter="(objectClass=*)" attrs="*" scope=sub schemachecking=on bindmethod=simple retry="60 10 300 +" binddn="cn=replic,ou=System,dc=int-evry,dc=fr" credentials="secret" updateref ldaps://master.int-evry.fr:636
If it's an ACL problem, then would it be on the master side or on the replica's local ACL ?
Thanks.
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc.
Zimbra :: the leader in open source messaging and collaboration
You attrs= line is wrong. I suggest you remove it entirely and go with the default value.
--Quanah
On Apr 2, 2012, at 11:11 PM, jehan procaccia jehan.procaccia@it-sudparis.eu wrote:
Le 02/04/2012 20:25, Quanah Gibson-Mount a écrit :
--On Monday, April 02, 2012 5:41 PM +0200 jehan procaccia jehan.procaccia@it-sudparis.eu wrote:
or perhaps an ACL miss-configuration !?
You fail to state what type of replication you are using with OpenLDAP 2.3. Regardless, this would be due to an ACL issue or a misconfiguration of your replication setup.
--Quanah
I use syncrepl replication, either on the openldap 2.3 master and replica which works fine the same configuration (see below) fails to replicate modifyTimeStamp on a 2.4 replica .
syncrepl rid=001 provider=ldaps://master.it-sudparis.eu type=refreshAndPersist searchbase="dc=int-evry,dc=fr" filter="(objectClass=*)" attrs="*" scope=sub schemachecking=on bindmethod=simple retry="60 10 300 +" binddn="cn=replic,ou=System,dc=int-evry,dc=fr" credentials="secret" updateref ldaps://master.int-evry.fr:636
If it's an ACL problem, then would it be on the master side or on the replica's local ACL ?
Thanks.
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc.
Zimbra :: the leader in open source messaging and collaboration
You are right I modified my syncrepl config to attrs="*,+", then operational attributes are now correctly replicated , thanks !
I also tried to removed attrs directive completly, then the mail attribute wasn't replicated anymore :-( ... so I prefer to let it explicit to attrs="*,+"
My others openldap 2.3 replica though still have attrs="*" (without the + ), however operational attributes are correctly synchronized, did openldap 2.4 change some defaults about operational attribute replication.
Le 03/04/2012 08:16, Quanah Gibson-Mount a écrit :
You attrs= line is wrong. I suggest you remove it entirely and go with the default value.
--Quanah
On Apr 2, 2012, at 11:11 PM, jehan procacciajehan.procaccia@it-sudparis.eu wrote:
Le 02/04/2012 20:25, Quanah Gibson-Mount a écrit :
--On Monday, April 02, 2012 5:41 PM +0200 jehan procacciajehan.procaccia@it-sudparis.eu wrote:
or perhaps an ACL miss-configuration !?
You fail to state what type of replication you are using with OpenLDAP 2.3. Regardless, this would be due to an ACL issue or a misconfiguration of your replication setup.
--Quanah
I use syncrepl replication, either on the openldap 2.3 master and replica which works fine the same configuration (see below) fails to replicate modifyTimeStamp on a 2.4 replica .
syncrepl rid=001 provider=ldaps://master.it-sudparis.eu type=refreshAndPersist searchbase="dc=int-evry,dc=fr" filter="(objectClass=*)" attrs="*" scope=sub schemachecking=on bindmethod=simple retry="60 10 300 +" binddn="cn=replic,ou=System,dc=int-evry,dc=fr" credentials="secret" updateref ldaps://master.int-evry.fr:636
If it's an ACL problem, then would it be on the master side or on the replica's local ACL ?
Thanks.
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc.
Zimbra :: the leader in open source messaging and collaboration
--On Tuesday, April 03, 2012 11:00 AM +0200 jehan procaccia jehan.procaccia@it-sudparis.eu wrote:
You are right I modified my syncrepl config to attrs="*,+", then operational attributes are now correctly replicated , thanks !
I also tried to removed attrs directive completly, then the mail attribute wasn't replicated anymore :-( ... so I prefer to let it explicit to attrs="*,+"
If you remove the attrs statement, it defaults to "*,+"... so setting it to "*,+" or removing it should have zero difference in effect.
Of course, you should be migrating everything to 2.4 anyhow. ;) 2.3 is not a supported release series anymore, and still has a number of known bugs.
--Quanah
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
openldap-technical@openldap.org
-
jehan procaccia -
Quanah Gibson-Mount