Hello,
I'm still working on replication of cn=config. The replication of the main DB is working with delta-syncrepl but I still have problems getting mmr running for cn=config. As I use Ansible to configure it here my question: Is the order of setting up the replication relevant? What I do at the moment:
Setting up a basic config for all 4 servers: ----------------------------------------- dn: cn=config objectClass: olcGlobal cn: config olcLogLevel: sync olcLogLevel: stats olcPidFile: /var/symas/run/slapd.pid olcArgsFile: /var/symas/run/slapd.args olcToolThreads: 1 olcServerID: 1 ldap://ldap01.example.net olcServerID: 2 ldap://ldap02.example.net olcServerID: 3 ldap://ldap03.example.net olcServerID: 4 ldap://ldap04.example.net
# create cn=config #dn: olcBackend={0}mdb,cn=config #objectClass: olcBackendConfig #olcBackend: {0}mdb
dn: cn=schema,cn=config objectClass: olcSchemaConfig cn: schema
dn: cn=module{0},cn=config objectClass: olcModuleList cn: module{0} olcModulePath: /opt/symas/lib/openldap olcModuleLoad: back_mdb olcModuleLoad: back_monitor olcModuleLoad: autoca.la olcModuleLoad: otp.la olcModuleLoad: argon2.la olcModuleLoad: syncprov olcModuleLoad: back_monitor olcModuleLoad: accesslog.la
include: file:///opt/symas/etc/openldap/schema/core.ldif include: file:///opt/symas/etc/openldap/schema/cosine.ldif include: file:///opt/symas/etc/openldap/schema/nis.ldif include: file:///opt/symas/etc/openldap/schema/inetorgperson.ldif include: file:///opt/symas/etc/openldap/schema/dyngroup.ldif include: file:///opt/symas/etc/openldap/schema/kerberos.openldap.ldif
dn: olcDatabase={-1}frontend,cn=config objectClass: olcDatabaseConfig objectClass: olcFrontendConfig olcDatabase: {-1}frontend olcSizeLimit: 500 olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by dn.exact=gidNumber=1111+uidNumber=1111,cn=peercred,cn=external,cn=auth manage by * break olcAccess: {1}to dn="" by * read olcAccess: {2}to dn.base="cn=subschema" by * read olcPasswordHash: {ARGON2}
dn: olcDatabase={0}config,cn=config objectClass: olcDatabaseConfig olcDatabase: {0}config olcRootDN: cn=admin,cn=config olcRootPW: {ARGON2}$argon2i$v=19$m=4096,t=3,p=1$cXdlcnJ0enV6dWlvMTIz$G/l0lynf7ygdz0tG+E7S1fBibsFs/L80AUSisiGl/v4 olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by dn.exact=gidNumber=1111+uidNumber=1111,cn=peercred,cn=external,cn=auth manage by dn.exact=uid=ldap-admin,ou=users,dc=example,dc=net write by * break
dn: olcDatabase={1}monitor,cn=config objectClass: olcDatabaseConfig olcDatabase: {1}monitor olcAccess: {0}to dn.subtree="cn=monitor" by dn.exact=cn=admin,cn=config read by dn.exact=cn=admin,dc=example,dc=net read
dn: olcDatabase={2}mdb,cn=config objectClass: olcDatabaseConfig objectClass: olcmdbConfig olcDatabase: {2}mdb olcSuffix: dc=example,dc=net olcRootDN: cn=admin,dc=example,dc=net olcRootPW: {ARGON2}$argon2i$v=19$m=4096,t=3,p=1$cXdlcnJ0enV6dWlvMTIz$G/l0lynf7ygdz0tG+E7S1fBibsFs/L80AUSisiGl/v4 olcSizeLimit: unlimited olcTimeLimit: unlimited olcDbCheckpoint: 512 30 olcDbDirectory: /var/symas/openldap-data olcDbIndex: default eq olcDbIndex: objectClass olcDbIndex: entryUUID olcDbIndex: entryCSN olcDbIndex: cn pres,eq,sub olcDbIndex: uid pres,eq,sub olcDbIndex: mail pres,eq,sub olcDbIndex: sn pres,eq,sub olcDbIndex: description pres,eq,sub olcDbIndex: title pres,eq,sub olcDbIndex: givenName pres,eq,sub olcDbMaxSize: 85899345920 olcAccess: {0} to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by dn.exact=gidNumber=1111+uidNumber=1111,cn=peercred,cn=external,cn=auth manage by dn.exact=uid=ldap-admin,ou=users,dc=example,dc=net write by dn.exact=uid=repl-user,ou=users,dc=example,dc=net read by * break olcAccess: {1}to dn.exact="" by * read olcAccess: {2}to dn.base="cn=subschema" by * read olcAccess: {3} to attrs=userPassword by anonymous auth by self write by * none olcLimits: {0} dn.exact="uid=repl-user,ou=users,dc=example,dc=net" time=unlimited size=unlimited olcLimits: {1} dn.exact="uid=ldap-admin,ou=users,dc=example,dc=net" time=unlimited size=unlimited -----------------------------------------
As you can see serverID is already set to URL-style for all servers ;-)
But now I'm not sure, do I have to set up the replication for cn=config on all 4 servers and then set up replication of the main DB on just one of the servers and let it be replicated by the cn=config-replication?
Or do I have to set up replication of the main DB on all servers first and then add the replication of cn=config to all servers and only replicate the changes made afterwards?
Or do I have to set up the replication of main-DB and replication of cn=config on one server at a time?
Or can I do it either way?
The testsuit is showing using updateref on the replication of the main-DB do I really need it for mmr? If yes, do I need it for mmr of cn=config?
I could not find any example that uses both, mmr for main-DB and mmr for cn=config.
here is the order of my set up for cn=config replication: ------------------------ dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config changetype: add objectClass: olcOverlayConfig objectClass: olcSyncProvConfig olcOverlay: syncprov
dn: olcDatabase={0}config,cn=config changetype: modify replace: olcSyncRepl olcSyncRepl: rid=1 provider=ldap://ldap01.example.net binddn="cn=admin,cn=config" bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndPersist retry="5 5 300 20" timeout=1 starttls=yes tls_reqcert=allow olcSyncRepl: rid=2 provider=ldap://ldap02.example.net binddn="cn=admin,cn=config" bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndPersist retry="5 5 300 20" timeout=1 starttls=yes tls_reqcert=allow olcSyncRepl: rid=3 provider=ldap://ldap03.example.net binddn="cn=admin,cn=config" bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndPersist retry="5 5 300 20" timeout=1 starttls=yes tls_reqcert=allow olcSyncRepl: rid=4 provider=ldap://ldap04.example.net binddn="cn=admin,cn=config" bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndPersist retry="5 5 300 20" timeout=1 starttls=yes tls_reqcert=allow - add: olcMultiprovider olcMultiprovider: TRUE ------------------------
And last but not least the set up of the main-DB replication: ----------------------- dn: olcDatabase={2}mdb,cn=config changetype: modify replace: olcSyncrepl olcSyncrepl: rid=102 provider=ldap://ldap02.example.net bindmethod=simple timeout=0 network-timeout=0 binddn=uid=repl-user,ou=users,dc=example,dc=net credentials=secret filter="(objectclass=*)" searchbase="dc=example,dc=net" logfilter="(&(objectClass=auditWriteObject)(reqResult=0))" logbase=cn=accesslog scope=sub schemachecking=off type=refreshAndPersist retry="60 +" syncdata=accesslog keepalive=240:10:30 starttls=yes tls_reqcert=allow olcSyncrepl: rid=103 provider=ldap://ldap03.example.net bindmethod=simple timeout=0 network-timeout=0 binddn=uid=repl-user,ou=users,dc=example,dc=net credentials=secret filter="(objectclass=*)" searchbase="dc=example,dc=net" logfilter="(&(objectClass=auditWriteObject)(reqResult=0))" logbase=cn=accesslog scope=sub schemachecking=off type=refreshAndPersist retry="60 +" syncdata=accesslog keepalive=240:10:30 starttls=yes tls_reqcert=allow olcSyncrepl: rid=104 provider=ldap://ldap04.example.net bindmethod=simple timeout=0 network-timeout=0 binddn=uid=repl-user,ou=users,dc=example,dc=net credentials=secret filter="(objectclass=*)" searchbase="dc=example,dc=net" logfilter="(&(objectClass=auditWriteObject)(reqResult=0))" logbase=cn=accesslog scope=sub schemachecking=off type=refreshAndPersist retry="60 +" syncdata=accesslog keepalive=240:10:30 starttls=yes tls_reqcert=allow - add: olcMultiprovider olcMultiprovider: TRUE -----------------------
This is the ldif for the first server so olcSyncrepl for ldap01.example.net is not configured. On the other servers is the same the own URI has no olcSyncrepl entry. Here olcUpdatRef is not configured. Replication of the main-DB is running. BTW olcUpdateRef is also not configured in the howto of Quanah ;-) So it must be ok :-)
Could you please take a look if I did something wrong. I don't know where to look anymore.
Am 15.12.21 um 10:11 schrieb Stefan Kania:
I don't know where to look anymore.
I restarted from scratch and only did the basic configuration and the replication of cn=config. When I do a change with the following ldif: ---------- dn: olcDatabase={-1}frontend,cn=config changetype: modify replace: olcSizeLimit olcSizeLimit: 1000 ---------- Replication is working from either server. If I try to modify the configuration with the following ldif: ---------- dn: olcDatabase={2}mdb,cn=config changetype: modify replace: olcDbCheckpoint olcDbCheckpoint: 1 1 ---------- Only the server where I do the modification is taking the changes. There is no message appearing on one of the other servers.
When restarting all slapd-servcies I see the following messages on the consumer and the provider: --------------- messages on provider
Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 fd=18 ACCEPT from IP=192.168.56.46:57844 (IP=0.0.0.0:389) Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=0 EXT oid=1.3.6.1.4.1.1466.20037 Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=0 STARTTLS Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=0 RESULT oid= err=0 qtime=0.000023 etime=0.000176 text= Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 fd=18 TLS established tls_ssf=256 ssf=256 tls_proto=TLSv1.3 tls_cipher=TLS_AES_256_GCM_SHA384 Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=1 BIND dn="cn=admin,cn=config" method=128 Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=1 BIND dn="cn=admin,cn=config" mech=SIMPLE bind_ssf=0 ssf=256 Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=1 RESULT tag=97 err=0 qtime=0.000027 etime=0.020422 text= Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 SRCH base="cn=config" scope=2 deref=0 filter="(objectClass=*)" Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 SRCH attr=* + Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 syncprov_op_search: got a persistent search with a cookie=rid=004,sid=002,csn=20211215092402.061636Z#000000#002#000000 Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 syncprov_findbase: searching Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 syncprov_op_search: registered persistent search Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 syncprov_op_search: consumer cookie is missing a csn we track Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 syncprov_search_response: cookie=rid=004,sid=004,csn=20211215092401.968707Z#000000#001#000000;20211215092402.061636Z#000000#002#000000;20211215092402.073013Z#000000#003#000000;20211215092402.084067Z#000000#004#000000 Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 syncprov_sendinfo: refreshPresent cookie=rid=004,sid=004,csn=20211215092401.968707Z#000000#001#000000;20211215092402.061636Z#000000#002#000000;20211215092402.073013Z#000000#003#000000;20211215092402.084067Z#000000#004#000000 Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 syncprov_search_response: detaching op Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=3 UNBIND Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 fd=18 closed
messages on consumer
Dez 15 10:37:56 ldap02 slapd[6271]: do_syncrep1: rid=004 starting refresh (sending cookie=rid=004,sid=002,csn=20211215092402.061636Z#000000#002#000000) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn=config, UUID: 5d4870f0-f1d0-103b-92fc-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d4870f0-f1d0-103b-92fc-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN cn=config 20211215085439.318447Z#000000#004#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn=module{0},cn=config, UUID: 5d487b22-f1d0-103b-92fe-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d487b22-f1d0-103b-92fe-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN cn=module{0},cn=config 20211215085432.145148Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn=module{0},cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (cn=module{0},cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn=schema,cn=config, UUID: 5d4877bc-f1d0-103b-92fd-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d4877bc-f1d0-103b-92fd-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn=schema,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_add cn=schema,cn=config (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn={0}core,cn=schema,cn=config, UUID: 5d48abc4-f1d0-103b-92ff-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48abc4-f1d0-103b-92ff-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN cn={0}core,cn=schema,cn=config 20211215085432.146392Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn={0}core,cn=schema,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (cn={0}core,cn=schema,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn={1}cosine,cn=schema,cn=config, UUID: 5d48c23a-f1d0-103b-9300-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48c23a-f1d0-103b-9300-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN cn={1}cosine,cn=schema,cn=config 20211215085432.146967Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn={1}cosine,cn=schema,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (cn={1}cosine,cn=schema,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn={2}nis,cn=schema,cn=config, UUID: 5d48d1b2-f1d0-103b-9301-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48d1b2-f1d0-103b-9301-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN cn={2}nis,cn=schema,cn=config 20211215085432.147363Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn={2}nis,cn=schema,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (cn={2}nis,cn=schema,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn={3}inetorgperson,cn=schema,cn=config, UUID: 5d48dbc6-f1d0-103b-9302-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48dbc6-f1d0-103b-9302-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN cn={3}inetorgperson,cn=schema,cn=config 20211215085432.147621Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn={3}inetorgperson,cn=schema,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (cn={3}inetorgperson,cn=schema,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn={4}dyngroup,cn=schema,cn=config, UUID: 5d48e152-f1d0-103b-9303-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48e152-f1d0-103b-9303-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN cn={4}dyngroup,cn=schema,cn=config 20211215085432.147763Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn={4}dyngroup,cn=schema,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (cn={4}dyngroup,cn=schema,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn={5}kerberos,cn=schema,cn=config, UUID: 5d48e79c-f1d0-103b-9304-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48e79c-f1d0-103b-9304-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN cn={5}kerberos,cn=schema,cn=config 20211215085432.147924Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn={5}kerberos,cn=schema,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (cn={5}kerberos,cn=schema,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: olcDatabase={-1}frontend,cn=config, UUID: 5d48f458-f1d0-103b-9305-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48f458-f1d0-103b-9305-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN olcDatabase={-1}frontend,cn=config 20211215085432.148251Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 olcDatabase={-1}frontend,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (olcDatabase={-1}frontend,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: olcDatabase={0}config,cn=config, UUID: 5d48f7aa-f1d0-103b-9306-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48f7aa-f1d0-103b-9306-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN olcDatabase={0}config,cn=config 20211215092402.084067Z#000000#004#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 olcDatabase={0}config,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (olcDatabase={0}config,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: olcOverlay={0}syncprov,olcDatabase={0}config,cn=config, UUID: 7c3fa65a-f1d4-103b-983d-81584f1425b7 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 7c3fa65a-f1d4-103b-983d-81584f1425b7 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN olcOverlay={0}syncprov,olcDatabase={0}config,cn=config 20211215092402.083542Z#000000#004#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 olcOverlay={0}syncprov,olcDatabase={0}config,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (olcOverlay={0}syncprov,olcDatabase={0}config,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: olcDatabase={1}monitor,cn=config, UUID: 5d48fa48-f1d0-103b-9307-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48fa48-f1d0-103b-9307-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN olcDatabase={1}monitor,cn=config 20211215085432.148402Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 olcDatabase={1}monitor,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (olcDatabase={1}monitor,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: olcDatabase={2}mdb,cn=config, UUID: 5d48fd0e-f1d0-103b-9308-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48fd0e-f1d0-103b-9308-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 olcDatabase={2}mdb,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_add olcDatabase={2}mdb,cn=config (68) Dez 15 10:37:56 ldap02 slapd[6271]: conn=-1 op=0 syncprov_matchops: recording uuid for dn=olcDatabase={2}mdb,cn=config on opc=0x7ef1740062c0 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_null_callback : error code 0x35 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_modify olcDatabase={2}mdb,cn=config (53) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_modify failed (53) Dez 15 10:37:56 ldap02 slapd[6271]: do_syncrepl: rid=004 rc 53 retrying (18 retries left)
---------------
It looks for me as the replication only fails for dn=olcDatabase={2}mdb,cn=config, which is the configuration of the main DB.
I recheckt my configuration with https://openldap.org/doc/admin26/replication.html For me it's the same.
--On Wednesday, December 15, 2021 7:31 PM +0100 Stefan Kania stefan@kania-online.de wrote:
UUID 5d48fd0e-f1d0-103b-9308-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 olcDatabase={2}mdb,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_add olcDatabase={2}mdb,cn=config (68) Dez 15 10:37:56 ldap02 slapd[6271]: conn=-1 op=0 syncprov_matchops: recording uuid for dn=olcDatabase={2}mdb,cn=config on opc=0x7ef1740062c0 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_null_callback : error code 0x35 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_modify olcDatabase={2}mdb,cn=config (53) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_modify failed (53) Dez 15 10:37:56 ldap02 slapd[6271]: do_syncrepl: rid=004 rc 53 retrying (18 retries left)
Please file a bug.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
Am 15.12.21 um 19:44 schrieb Quanah Gibson-Mount:
Please file a bug.
How can I? Is there someting like bugzilla I know from the Samba project.
--On Wednesday, December 15, 2021 8:23 PM +0100 Stefan Kania stefan@kania-online.de wrote:
Am 15.12.21 um 19:44 schrieb Quanah Gibson-Mount:
Please file a bug.
How can I? Is there someting like bugzilla I know from the Samba project.
Step 1: Browse to https://www.openldap.org
Step 2: Click on the "Issue Tracking" link
Step 3: Create an account in the OpenLDAP bugzilla
Step 4: File the bug
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
Am 15.12.21 um 20:34 schrieb Quanah Gibson-Mount:
--On Wednesday, December 15, 2021 8:23 PM +0100 Stefan Kania stefan@kania-online.de wrote:
Am 15.12.21 um 19:44 schrieb Quanah Gibson-Mount:
Please file a bug.
How can I? Is there someting like bugzilla I know from the Samba project.
Step 1: Browse to https://www.openldap.org
Step 2: Click on the "Issue Tracking" link
Step 3: Create an account in the OpenLDAP bugzilla
Step 4: File the bug
Regards, Quanah
done
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
openldap-technical@openldap.org
-
Quanah Gibson-Mount -
Stefan Kania