Hello, I migrated my OpenLDAP data from bdb to mdb in a Multi-Master Replication architecture that is working for years now. Unfortunately using only 2.4.31-2+deb7u2 from Debian 7.
In the 2nd server (yyyyyy in the configuration below), I noticed new log lines for each LDAP entry. nonpresent_callback: rid=002 present UUID 345d766c-b2d5-1030-9b6b-85786c41386a, dn uid=tve0320,ou=people,dc=univ-tlse2,dc=fr It occurs if the server yyyyyy is down, a modification is done on the server xxxxx and yyyy is started. I saw it's related to the "PRESENT" step on replication. I haven't the sync logs for long so I cannot say if it happened with the previous backend.
So, is this a warning about a data problem or does it only mean "I'm looking for the existence on rid=002 and that's fine, here are the UUID and dn" ?
Here is part of my conf, also replicated : /etc/ldap/slapd.d/cn=config.ldif:olcServerID: 1 ldap://xxxxxxx/ /etc/ldap/slapd.d/cn=config.ldif:olcServerID: 2 ldap://yyyyyyy/
olcSyncrepl: {0}rid=002 provider=ldap://xxxxxxx/ binddn="--------" bindmethod=simple credentials=---- searchbase="dc=univ-tlse2,dc=fr" type=refreshAndPersist retry="5 5 300 +" attrs="*,+" tls_reqcert=never olcSyncrepl: {1}rid=003 provider=ldap://yyyyyyy/ binddn="--------" bindmethod=simple credentials=---- searchbase="dc=univ-tlse2,dc=fr" type=refreshAndPersist retry="5 5 300 +" attrs="*,+" tls_reqcert=never
olcMirrorMode: TRUE
olcDbCacheSize: 10000 olcDbCheckpoint: 512 5 olcDbNoSync: TRUE olcDbMaxSize: 3221225472
olcIndex: entryUUID,entryCSN,contextCSN eq
Thanks for your advices, Florent Lartet University of Toulouse Jean Jaurès
--On Wednesday, October 17, 2018 11:32 AM +0200 Florent LARTET florent.lartet@univ-tlse2.fr wrote:
Hello, I migrated my OpenLDAP data from bdb to mdb in a Multi-Master Replication architecture that is working for years now. Unfortunately using only 2.4.31-2+deb7u2 from Debian 7.
Don't use MMR with that release.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
Hello, I switched back to BDB and it works fine again. I also downgraded to Master-Slave to ensure the good working as suggested. But my initial question is still unanswered. Yes ? No ?
Le 17/10/2018 à 18:35, Quanah Gibson-Mount a écrit :
--On Wednesday, October 17, 2018 11:32 AM +0200 Florent LARTET florent.lartet@univ-tlse2.fr wrote:
Hello, I migrated my OpenLDAP data from bdb to mdb in a Multi-Master Replication architecture that is working for years now. Unfortunately using only 2.4.31-2+deb7u2 from Debian 7.
Don't use MMR with that release.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
--On Monday, October 22, 2018 9:36 AM +0200 Florent LARTET florent.lartet@univ-tlse2.fr wrote:
Hello, I switched back to BDB and it works fine again. I also downgraded to Master-Slave to ensure the good working as suggested. But my initial question is still unanswered. Yes ? No ?
It means it found the entry while doing the presence phase. However, replication in general (MMR or not) is not safe with 2.4.31, nor is back-mdb in that particular version. I'd strongly advise upgrading to a current supported release.
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
Le 22/10/2018 à 17:13, Quanah Gibson-Mount a écrit :
--On Monday, October 22, 2018 9:36 AM +0200 Florent LARTET florent.lartet@univ-tlse2.fr wrote:
Hello, I switched back to BDB and it works fine again. I also downgraded to Master-Slave to ensure the good working as suggested. But my initial question is still unanswered. Yes ? No ?
It means it found the entry while doing the presence phase. However, replication in general (MMR or not) is not safe with 2.4.31, nor is back-mdb in that particular version. I'd strongly advise upgrading to a current supported release.
Sure, I can attest MDB is not working well ... but BDB worked well for years. About the version, I'm advising the same thing to myself for a while but a whole big work is necessary around it. Good news is it began some weeks ago.
Thanks for all the informations.
Le 22/10/2018 à 17:13, Quanah Gibson-Mount a écrit :
--On Monday, October 22, 2018 9:36 AM +0200 Florent LARTET florent.lartet@univ-tlse2.fr wrote:
Hello, I switched back to BDB and it works fine again. I also downgraded to Master-Slave to ensure the good working as suggested. But my initial question is still unanswered. Yes ? No ?
It means it found the entry while doing the presence phase. However, replication in general (MMR or not) is not safe with 2.4.31, nor is back-mdb in that particular version. I'd strongly advise upgrading to a current supported release.
Hello,
If you are unfamilliar with Debian packaging, or (more likely) do not want to maintain a build of OpenLDAP, you might want to use https://ltb-project.org/documentation/openldap-deb
If you really want not to stray from official packages, you might find satisfaction using the wheezy-backports version, but I think the LTB project way is probably the best way to go
Regards, Quanah
Le 23/10/2018 à 14:04, Matthieu Cerda a écrit :
Le 22/10/2018 à 17:13, Quanah Gibson-Mount a écrit :
--On Monday, October 22, 2018 9:36 AM +0200 Florent LARTET florent.lartet@univ-tlse2.fr wrote:
Hello, I switched back to BDB and it works fine again. I also downgraded to Master-Slave to ensure the good working as suggested. But my initial question is still unanswered. Yes ? No ?
It means it found the entry while doing the presence phase. However, replication in general (MMR or not) is not safe with 2.4.31, nor is back-mdb in that particular version. I'd strongly advise upgrading to a current supported release.
Hello,
If you are unfamilliar with Debian packaging, or (more likely) do not want to maintain a build of OpenLDAP, you might want to use https://ltb-project.org/documentation/openldap-deb
If you really want not to stray from official packages, you might find satisfaction using the wheezy-backports version, but I think the LTB project way is probably the best way to go
Very interesting project cher ami. That's right as the LDAP was working well, I didn't look for this kind of project, except the backports but they are not that fresh. Thanks for the tip.
openldap-technical@openldap.org
-
Florent LARTET -
Matthieu Cerda -
Quanah Gibson-Mount