11:18 p.m.
Hi, I am currently working on setting up a new openldap environment, based
on the current stable version of 2.4.34
I have two servers, ldap1 and ldap2, which are performing mirror-mode
multi-master replication.
When ldap1 and ldap2 are both up, adds/deletes/modifications are
replicated correctly.
When ldap1 is up and ldap2 is down, adds/modifications can be performed
successfully against ldap1, and when ldap2 comes back up, changes are
replicated successfully.
Problem is, if ldap2 is down, and a deletion occurs against ldap1, when
ldap2 comes back up, the deletion is not replicated.
Here are my slapd.confs for each server
ldap1:
-----------------------------
include /opt/openldap/etc/openldap/schema/core.schema
pidfile /opt/openldap/var/run/slapd.pid
argsfile /opt/openldap/var/run/slapd.args
moduleload syncprov.la
moduleload accesslog.la
moduleload back_bdb.la
serverID 1
#######################################################################
# BDB database definitions
#######################################################################
database bdb
suffix "dc=example,dc=com"
rootdn "cn=manager,dc=example,dc=com"
rootpw {SSHA}zViBuH78jtg/BKtT1sZHNp7gwWnlCWDk
directory /opt/openldap/var/openldap-data
checkpoint 10240 720
cachesize 50000
dbconfig set_cachesize 0 524288000 1
dbconfig set_lk_max_locks 3000
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_lockers 1500
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
syncrepl rid=001
provider=ldap://ldap2.example.com:389
binddn="cn=manager,dc=example,dc=com"
bindmethod=simple
credentials=password
searchbase="dc=example,dc=com"
type=refreshAndPersist
interval=00:00:00:01
retry="60 +"
schemachecking=on
index objectClass eq
index entryUUID eq
index entryCSN eq
mirrormode on
overlay syncprov
syncprov-nopresent TRUE
syncprov-reloadhint TRUE
syncprov-checkpoint 100 1
ldap2:
-----------------------------
include /opt/openldap/etc/openldap/schema/core.schema
pidfile /opt/openldap/var/run/slapd.pid
argsfile /opt/openldap/var/run/slapd.args
moduleload syncprov.la
moduleload accesslog.la
moduleload back_bdb.la
serverID 2
#######################################################################
# BDB database definitions
#######################################################################
database bdb
suffix "dc=example,dc=com"
rootdn "cn=manager,dc=example,dc=com"
rootpw {SSHA}zViBuH78jtg/BKtT1sZHNp7gwWnlCWDk
directory /opt/openldap/var/openldap-data
checkpoint 10240 720
cachesize 50000
dbconfig set_cachesize 0 524288000 1
dbconfig set_lk_max_locks 3000
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_lockers 1500
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
syncrepl rid=001
provider=ldap://ldap1.example.com:389
binddn="cn=manager,dc=example,dc=com"
bindmethod=simple
credentials=password
searchbase="dc=example,dc=com"
type=refreshAndPersist
interval=00:00:00:01
retry="60 +"
schemachecking=on
index objectClass eq
index entryUUID eq
index entryCSN eq
mirrormode on
overlay syncprov
syncprov-nopresent TRUE
syncprov-reloadhint TRUE
syncprov-checkpoint 100 1
Here is the logging output at level 16384
ldap1:
-----------------------------
51401797 bdb_monitor_db_open: monitoring disabled; configure monitor
database to enable
51401797 slapd starting
51401797 do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - REFRESH_DELETE
514017ae do_syncrep2: rid=001 (-1) Can't contact LDAP server
514017ae do_syncrepl: rid=001 rc -1 retrying
514017c9 slap_queue_csn: queing 0x7fa53f0c5020
20130313060809.655329Z#000000#001#000000
514017c9 slap_graduate_commit_csn: removing 0x7fa530100910
20130313060809.655329Z#000000#001#000000
514017cc syncprov_search_response:
cookie=rid=001,sid=001,csn=20130313060809.655329Z#000000#001#000000;20130313054634.762054Z#000000#002#000000
514017e8 slap_queue_csn: queing 0x7fa53e8c4470
20130313060840.173887Z#000000#001#000000
514017e8 slap_graduate_commit_csn: removing 0x7fa534101170
20130313060840.173887Z#000000#001#000000
514017ea slap_client_connect: URI=ldap://ldap2.example.com:389
DN="cn=manager,dc=example,dc=com" ldap_sasl_bind_s failed (-1)
514017ea do_syncrepl: rid=001 rc -1 retrying
514017ed syncprov_search_response:
cookie=rid=001,sid=001,csn=20130313060840.173887Z#000000#001#000000;20130313054634.762054Z#000000#002#000000
51401826 do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - REFRESH_DELETE
ldap2:
-----------------------------
514017ed bdb_monitor_db_open: monitoring disabled; configure monitor
database to enable
514017ed slapd starting
514017ed do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - REFRESH_DELETE
514017ed do_syncrep2: rid=001
cookie=rid=001,sid=001,csn=20130313060840.173887Z#000000#001#000000;20130313054634.762054Z#000000#002#000000
514017ed slap_queue_csn: queing 0x7f5070109540
20130313060840.173887Z#000000#001#000000
514017ed slap_graduate_commit_csn: removing 0x7f50701096b0
20130313060840.173887Z#000000#001#000000
Heres the command I'm using on the client to perform the delete:
While ldap2 is offline,
ldapdelete -h ldap1 -x -r -D "cn=manager,dc=example,dc=com" -w password
"ou=groups,dc=example,dc=com"
Let me know if you want any further information
I'm sure its something stupid I'm missing, but would appreciate any
assistance with this.
Cheers,
Adam
1:24 a.m.
Adam schrieb (13.03.2013 07:18 Uhr):
mirrormode on
overlay syncprov
syncprov-nopresent TRUE
syncprov-reloadhint TRUE
man slapo-syncprov:
syncprov-nopresent TRUE | FALSE
Specify that the Present phase of refreshing should be
skipped.
This value should only be set TRUE for a syncprov instance on
top of a log database (such as one managed by the accesslog
overlay). The default is FALSE.
Did you set this on purpose?
Marc
2:10 a.m.
Sorry, copied the config from one of our other environments, and didn't
even notice this.
guess more RTFM was required.
Sorry for wasting your time, but thanks for the help.
Cheers,
Adam
On 13/03/13 18:54, Marc Patermann wrote:
Adam schrieb (13.03.2013 07:18 Uhr):
> mirrormode on
> overlay syncprov
> syncprov-nopresent TRUE
> syncprov-reloadhint TRUE
man slapo-syncprov:
syncprov-nopresent TRUE | FALSE
Specify that the Present phase of refreshing should be
skipped.
This value should only be set TRUE for a syncprov instance on
top of a log database (such as one managed by the accesslog
overlay). The default is FALSE.
Did you set this on purpose?
Marc
11:42 p.m.
On 03/13/2013 07:18 AM, Adam wrote:
Hi, I am currently working on setting up a new openldap environment,
based
on the current stable version of 2.4.34
I have two servers, ldap1 and ldap2, which are performing mirror-mode
multi-master replication.
When ldap1 and ldap2 are both up, adds/deletes/modifications are
replicated correctly.
When ldap1 is up and ldap2 is down, adds/modifications can be performed
successfully against ldap1, and when ldap2 comes back up, changes are
replicated successfully.
Problem is, if ldap2 is down, and a deletion occurs against ldap1, when
ldap2 comes back up, the deletion is not replicated.
Here are my slapd.confs for each server
ldap1:
-----------------------------
include /opt/openldap/etc/openldap/schema/core.schema
pidfile /opt/openldap/var/run/slapd.pid
argsfile /opt/openldap/var/run/slapd.args
moduleload syncprov.la
moduleload accesslog.la
moduleload back_bdb.la
serverID 1
#######################################################################
# BDB database definitions
#######################################################################
database bdb
suffix "dc=example,dc=com"
rootdn "cn=manager,dc=example,dc=com"
rootpw {SSHA}zViBuH78jtg/BKtT1sZHNp7gwWnlCWDk
directory /opt/openldap/var/openldap-data
checkpoint 10240 720
cachesize 50000
dbconfig set_cachesize 0 524288000 1
dbconfig set_lk_max_locks 3000
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_lockers 1500
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
syncrepl rid=001
provider=ldap://ldap2.example.com:389
binddn="cn=manager,dc=example,dc=com"
bindmethod=simple
credentials=password
searchbase="dc=example,dc=com"
type=refreshAndPersist
interval=00:00:00:01
retry="60 +"
schemachecking=on
index objectClass eq
index entryUUID eq
index entryCSN eq
mirrormode on
overlay syncprov
syncprov-nopresent TRUE
syncprov-reloadhint TRUE
syncprov-checkpoint 100 1
ldap2:
-----------------------------
include /opt/openldap/etc/openldap/schema/core.schema
pidfile /opt/openldap/var/run/slapd.pid
argsfile /opt/openldap/var/run/slapd.args
moduleload syncprov.la
moduleload accesslog.la
moduleload back_bdb.la
serverID 2
#######################################################################
# BDB database definitions
#######################################################################
database bdb
suffix "dc=example,dc=com"
rootdn "cn=manager,dc=example,dc=com"
rootpw {SSHA}zViBuH78jtg/BKtT1sZHNp7gwWnlCWDk
directory /opt/openldap/var/openldap-data
checkpoint 10240 720
cachesize 50000
dbconfig set_cachesize 0 524288000 1
dbconfig set_lk_max_locks 3000
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_lockers 1500
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
syncrepl rid=001
provider=ldap://ldap1.example.com:389
binddn="cn=manager,dc=example,dc=com"
bindmethod=simple
credentials=password
searchbase="dc=example,dc=com"
type=refreshAndPersist
interval=00:00:00:01
retry="60 +"
schemachecking=on
index objectClass eq
index entryUUID eq
index entryCSN eq
mirrormode on
overlay syncprov
syncprov-nopresent TRUE
syncprov-reloadhint TRUE
syncprov-checkpoint 100 1
Here is the logging output at level 16384
ldap1:
-----------------------------
51401797 bdb_monitor_db_open: monitoring disabled; configure monitor
database to enable
51401797 slapd starting
51401797 do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - REFRESH_DELETE
514017ae do_syncrep2: rid=001 (-1) Can't contact LDAP server
514017ae do_syncrepl: rid=001 rc -1 retrying
514017c9 slap_queue_csn: queing 0x7fa53f0c5020
20130313060809.655329Z#000000#001#000000
514017c9 slap_graduate_commit_csn: removing 0x7fa530100910
20130313060809.655329Z#000000#001#000000
514017cc syncprov_search_response:
cookie=rid=001,sid=001,csn=20130313060809.655329Z#000000#001#000000;20130313054634.762054Z#000000#002#000000
514017e8 slap_queue_csn: queing 0x7fa53e8c4470
20130313060840.173887Z#000000#001#000000
514017e8 slap_graduate_commit_csn: removing 0x7fa534101170
20130313060840.173887Z#000000#001#000000
514017ea slap_client_connect: URI=ldap://ldap2.example.com:389
DN="cn=manager,dc=example,dc=com" ldap_sasl_bind_s failed (-1)
514017ea do_syncrepl: rid=001 rc -1 retrying
514017ed syncprov_search_response:
cookie=rid=001,sid=001,csn=20130313060840.173887Z#000000#001#000000;20130313054634.762054Z#000000#002#000000
51401826 do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - REFRESH_DELETE
ldap2:
-----------------------------
514017ed bdb_monitor_db_open: monitoring disabled; configure monitor
database to enable
514017ed slapd starting
514017ed do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - REFRESH_DELETE
514017ed do_syncrep2: rid=001
cookie=rid=001,sid=001,csn=20130313060840.173887Z#000000#001#000000;20130313054634.762054Z#000000#002#000000
514017ed slap_queue_csn: queing 0x7f5070109540
20130313060840.173887Z#000000#001#000000
514017ed slap_graduate_commit_csn: removing 0x7f50701096b0
20130313060840.173887Z#000000#001#000000
Heres the command I'm using on the client to perform the delete:
While ldap2 is offline,
ldapdelete -h ldap1 -x -r -D "cn=manager,dc=example,dc=com" -w password
"ou=groups,dc=example,dc=com"
Let me know if you want any further information
I'm sure its something stupid I'm missing, but would appreciate any
assistance with this.
Cheers,
Adam
Hi,
ITS 7531 may also be of interest.
--
Jan Synacek
Software Engineer, Red Hat
3392
days inactive
3393
days old
openldap-technical@openldap.org
3 comments
3 participants
participants (3)
-
Adam -
Jan Synacek -
Marc Patermann