Hi,
I'm trying to configure chain overlay in a ldap replica consumer. My final purpose is that if this node receives an update, it directly tries to make it in the provider node, instead of returning the referrral. Is that possible? I think so...
But I have a problem with the configuration. My config is
... moduleload back_ldap moduleload syncprov ... database hdb suffix dc=<mysuffix> ... overlay syncprov
syncrepl rid=31 provider="ldap://<provider>" binddn="<replica user dn>" bindmethod=simple credentials=<password> searchbase="dc=<mysuffix>" type=refreshAndPersist interval=00:00:00:10 retry="5 5 300 +" timeout=1
overlay chain chain-max-depth 1 chain-return-error true
chain-uri ldap://<provider> chain-rebind-as-user yes chain-idassert-bind bindmethod=simple binddn=<replica user dn> credentials=<password> starttls=no mode="self"
But when I test configuration with slaptest, I get:
root@canis32:/etc/ldap# slaptest -f /etc/ldap/slapd.conf syncprov_db_open: invalid config, lastmod must be enabled backend_startup_one (type=hdb, suffix="<mysuffix>"): bi_db_open failed! (-1) slap_startup failed (test would succeed using the -u switch)
and I can't run slapd. Any idea?
I'm running slapd 2.4.21 (ubuntu lucid package)
Am Mon, 16 Jan 2012 11:03:25 +0100 schrieb "Angel L. Mateo" amateo@um.es:
Hi,
I'm trying to configure chain overlay in a ldap replica consumer. My final purpose is that if this node receives an update, it directly tries to make it in the provider node, instead of returning the referrral. Is that possible? I think so...
But I have a problem with the configuration. My config is
... moduleload back_ldap moduleload syncprov ... database hdb suffix dc=<mysuffix> ... overlay syncprov
syncrepl rid=31 provider="ldap://<provider>" binddn="<replica user dn>" bindmethod=simple credentials=<password> searchbase="dc=<mysuffix>" type=refreshAndPersist interval=00:00:00:10 retry="5 5 300 +" timeout=1
overlay chain chain-max-depth 1 chain-return-error true
chain-uri ldap://<provider> chain-rebind-as-user yes chain-idassert-bind bindmethod=simple binddn=<replica user dn> credentials=<password> starttls=no mode="self"
But when I test configuration with slaptest, I get:
root@canis32:/etc/ldap# slaptest -f /etc/ldap/slapd.conf syncprov_db_open: invalid config, lastmod must be enabled backend_startup_one (type=hdb, suffix="<mysuffix>"): bi_db_open failed! (-1) slap_startup failed (test would succeed using the -u switch)
and I can't run slapd. Any idea?
I'm running slapd 2.4.21 (ubuntu lucid package)
The chain overlay has to be configured in the global part, prior to any database declaration.
-Dieter
Dieter Klünter wrote:
Am Mon, 16 Jan 2012 11:03:25 +0100 schrieb "Angel L. Mateo"amateo@um.es:
Hi,
I'm trying to configure chain overlay in a ldap replica consumer. My final purpose is that if this node receives an update, it directly tries to make it in the provider node, instead of returning the referrral. Is that possible? I think so...
But I have a problem with the configuration. My config is
... moduleload back_ldap moduleload syncprov ... database hdb suffix dc=<mysuffix> ... overlay syncprov
syncrepl rid=31 provider="ldap://<provider>" binddn="<replica user dn>" bindmethod=simple credentials=<password> searchbase="dc=<mysuffix>" type=refreshAndPersist interval=00:00:00:10 retry="5 5 300 +" timeout=1
overlay chain chain-max-depth 1 chain-return-error true
chain-uri ldap://<provider> chain-rebind-as-user yes chain-idassert-bind bindmethod=simple binddn=<replica user dn> credentials=<password> starttls=no mode="self"
But when I test configuration with slaptest, I get:
root@canis32:/etc/ldap# slaptest -f /etc/ldap/slapd.conf syncprov_db_open: invalid config, lastmod must be enabled backend_startup_one (type=hdb, suffix="<mysuffix>"): bi_db_open failed! (-1) slap_startup failed (test would succeed using the -u switch)
and I can't run slapd. Any idea?
I'm running slapd 2.4.21 (ubuntu lucid package)
The chain overlay has to be configured in the global part, prior to any database declaration.
That might be true, but the actual error here is that the syncprov overlay has been included even though there is no need for it.
El 16/01/12 17:04, Howard Chu escribió:
The chain overlay has to be configured in the global part, prior to any database declaration.
That might be true, but the actual error here is that the syncprov overlay has been included even though there is no need for it.
If it is not necessary, how do I synchronyzed both ldap directories? I think I need it. I have configured chain overlay in global part and the problem has been fixed.
Am Mon, 16 Jan 2012 20:11:02 +0100 schrieb "Angel L. Mateo" amateo@um.es:
El 16/01/12 17:04, Howard Chu escribió:
The chain overlay has to be configured in the global part, prior to any database declaration.
That might be true, but the actual error here is that the syncprov overlay has been included even though there is no need for it.
If it is not necessary, how do I synchronyzed both ldap directories? I think I need it. I have configured chain overlay in global part and the problem has been fixed.
If you declare a database as provider (by calling the syncprov overlay) this database accepts write operations, so there is no need for chaining.
-Dieter
El 17/01/12 08:30, Dieter Klünter escribió:
Am Mon, 16 Jan 2012 20:11:02 +0100 schrieb "Angel L. Mateo"amateo@um.es:
El 16/01/12 17:04, Howard Chu escribió:
The chain overlay has to be configured in the global part, prior to any database declaration.
That might be true, but the actual error here is that the syncprov overlay has been included even though there is no need for it.
If it is not necessary, how do I synchronyzed both ldap directories? I think I need it. I have configured chain overlay in global part and the problem has been fixed.
If you declare a database as provider (by calling the syncprov overlay) this database accepts write operations, so there is no need for chaining.
I want to declare the database as a consumer, not a provider.
Am Tue, 17 Jan 2012 09:02:04 +0100 schrieb "Angel L. Mateo" amateo@um.es:
El 17/01/12 08:30, Dieter Klünter escribió:
Am Mon, 16 Jan 2012 20:11:02 +0100 schrieb "Angel L. Mateo"amateo@um.es:
El 16/01/12 17:04, Howard Chu escribió:
The chain overlay has to be configured in the global part, prior to any database declaration.
That might be true, but the actual error here is that the syncprov overlay has been included even though there is no need for it.
If it is not necessary, how do I synchronyzed both ldap directories? I think I need it. I have configured chain overlay in global part and the problem has been fixed.
If you declare a database as provider (by calling the syncprov overlay) this database accepts write operations, so there is no need for chaining.
I want to declare the database as a consumer, not a provider.
You should remove the overlay syncprov declaration than.
-Dieter
El 17/01/12 11:08, Dieter Klünter escribió:
Am Tue, 17 Jan 2012 09:02:04 +0100 schrieb "Angel L. Mateo"amateo@um.es:
El 17/01/12 08:30, Dieter Klünter escribió:
Am Mon, 16 Jan 2012 20:11:02 +0100 schrieb "Angel L. Mateo"amateo@um.es:
El 16/01/12 17:04, Howard Chu escribió:
The chain overlay has to be configured in the global part, prior to any database declaration.
That might be true, but the actual error here is that the syncprov overlay has been included even though there is no need for it.
If it is not necessary, how do I synchronyzed both ldap directories? I think I need it. I have configured chain overlay in global part and the problem has been fixed.
If you declare a database as provider (by calling the syncprov overlay) this database accepts write operations, so there is no need for chaining.
I want to declare the database as a consumer, not a provider.
You should remove the overlay syncprov declaration than.
Really? In the documentation (http://www.openldap.org/doc/admin24/replication.html#Syncrepl) is the consumer who has the syncrepl options.
Or you meant the definition "overlay syncprov"?
Am Wed, 18 Jan 2012 09:09:35 +0100 schrieb "Angel L. Mateo" amateo@um.es:
El 17/01/12 11:08, Dieter Klünter escribió:
Am Tue, 17 Jan 2012 09:02:04 +0100 schrieb "Angel L. Mateo"amateo@um.es:
El 17/01/12 08:30, Dieter Klünter escribió:
Am Mon, 16 Jan 2012 20:11:02 +0100 schrieb "Angel L. Mateo"amateo@um.es:
El 16/01/12 17:04, Howard Chu escribió:
> The chain overlay has to be configured in the global part, > prior to any database declaration.
That might be true, but the actual error here is that the syncprov overlay has been included even though there is no need for it.
If it is not necessary, how do I synchronyzed both ldap directories? I think I need it. I have configured chain overlay in global part and the problem has been fixed.
If you declare a database as provider (by calling the syncprov overlay) this database accepts write operations, so there is no need for chaining.
I want to declare the database as a consumer, not a provider.
You should remove the overlay syncprov declaration than.
Really? In the documentation (http://www.openldap.org/doc/admin24/replication.html#Syncrepl) is the consumer who has the syncrepl options.
Or you meant the definition "overlay syncprov"?
yes.
-Dieter
Really? In the documentation (http://www.openldap.org/doc/admin24/replication.html#Syncrepl) is the consumer who has the syncrepl options.
Or you meant the definition "overlay syncprov"?
yes.
Ok. You were right. I don't the syncprov overlay if I want to configure a consumer. It is needed only in the provider.
I have found the problem. It is that chain configuration has to be put before any backend configuration.
openldap-technical@openldap.org
-
Angel L. Mateo -
Dieter Klünter -
Howard Chu