Hi,
I have configured two instances of LDAP in multimaster mode. I am creating 100 members and wait for 5 seconds and then deleting those 100 members. In case of creation the data is getting replicated correctly. But in deletion, all the 100 members are getting deleted from primary, but not from secondary server. As a result the data is inconsistent in both the instances. Please give any suggestion.
Thanks and Regards, Gurjot Kaur
Software Engineer gurjot.kaur@aricent.com
"DISCLAIMER: This message is proprietary to Aricent and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. Aricent accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus."
Am Wed, 8 Apr 2015 06:22:11 +0000 schrieb Gurjot Kaur gurjot.kaur@aricent.com:
Hi,
I have configured two instances of LDAP in multimaster mode. I am creating 100 members and wait for 5 seconds and then deleting those 100 members. In case of creation the data is getting replicated correctly. But in deletion, all the 100 members are getting deleted from primary, but not from secondary server. As a result the data is inconsistent in both the instances. Please give any suggestion.
[...] What do you expect us to advise, based on this rather limited information?
-Dieter
Can you please elaborate what type of info you require?
-----Original Message----- From: Dieter Klünter [mailto:dieter@dkluenter.de] Sent: Wednesday, April 08, 2015 2:53 PM To: openldap-technical@openldap.org Subject: Re: Data is not getting replicated correctly in multimaster configuration
Am Wed, 8 Apr 2015 06:22:11 +0000 schrieb Gurjot Kaur gurjot.kaur@aricent.com:
Hi,
I have configured two instances of LDAP in multimaster mode. I am creating 100 members and wait for 5 seconds and then deleting those 100 members. In case of creation the data is getting replicated correctly. But in deletion, all the 100 members are getting deleted from primary, but not from secondary server. As a result the data is inconsistent in both the instances. Please give any suggestion.
[...] What do you expect us to advise, based on this rather limited information?
-Dieter
-- Dieter Klünter | Systemberatung http://sys4.de GPG Key ID: E9ED159B 53°37'09,95"N 10°08'02,42"E
LDAP version is OpenLDAP 2.4.11. Please let me know if anything else is required.
-----Original Message----- From: Gurjot Kaur Sent: Tuesday, April 14, 2015 5:35 PM To: Dieter Klünter; openldap-technical@openldap.org Subject: RE: Data is not getting replicated correctly in multimaster configuration
Can you please elaborate what type of info you require?
I have upgraded LDAP to 2.4.40. Everything is working fine. Multimaster replication is accurate. Thanks for your help.
Gurjot Kaur
Hello Gurjot
Can you please let me know what were the steps followed for the replication.
As initially I was using RHEL 4 with LDAP 2.4.23 and replication was working, but when one system used to go down and come up, the data was not able to sync for that time stamp. Attaching the issues which were caused earlier.
Regards, Pratik
On Fri, May 8, 2015 at 2:30 PM, Gurjot Kaur gurjot.kaur@aricent.com wrote:
I have upgraded LDAP to 2.4.40. Everything is working fine. Multimaster replication is accurate. Thanks for your help.
Gurjot Kaur
Hello Gurjot,
Can you also provide me with the installation guide and replication guide / link you have referred.
I am using RHEL 5.
Regards, Pratik
Hello Pratik,
I followed the steps mentioned in admin guide at http://www.openldap.org/doc/admin22/ I am new to LDAP. As far as I know, I guess this is an issue in version. Earlier I was also using lower version, so I got many issues in replication. But in OpenLDAP 2.4.40, all those issues were resolved.
Just one question: I have seen your issues. I wanted to ask, you have mentioned that sync logs were enabled for both the servers. Can you tell me how we can enable the sync logs?
Thanks, Gurjot Kaur
From: PRATIK SINGAL [mailto:pratik.singal13@gmail.com] Sent: Friday, May 08, 2015 4:05 PM To: Gurjot Kaur Cc: openldap-technical@openldap.org Subject: Re: Data is not getting replicated correctly in multimaster configuration
Hello Gurjot,
Can you also provide me with the installation guide and replication guide / link you have referred.
I am using RHEL 5.
Regards, Pratik
On Fri, May 8, 2015 at 3:04 PM, PRATIK SINGAL <pratik.singal13@gmail.com> wrote:
Hello Gurjot
Can you please let me know what were the steps followed for the replication.
As initially I was using RHEL 4 with LDAP 2.4.23 and replication was working, but when one system used to go down and come up, the data was not able to sync for that time stamp. Attaching the issues which were caused earlier.
Regards, Pratik
On Fri, May 8, 2015 at 2:30 PM, Gurjot Kaur <gurjot.kaur@aricent.com> wrote:
I have upgraded LDAP to 2.4.40. Everything is working fine. Multimaster replication is accurate. Thanks for your help.
Gurjot Kaur
Hi,
I have OpenLDAP version 2.4.11 configured in multimaster mode. Attached files are the schema file (core.schema) and configuration file for LDAP. I have modified the core.schema file to make 'companyName' a mandatory parameter in objectClass 'organizationalUnit'.
When I add an entry using 'ldapadd' without providing parameter 'companyName', it is getting added in the LDAP which is not correct. It should give error of missing mandatory parameter.
When this LDAP is working as single instance i.e. without multimaster mode, then while adding the same entry without parameter 'companyName', LDAP is showing error given below.
ldap_add: Object class violation (65)
    additional info: object class 'organizationalUnit' requires attribute 'companyName'
I don’t understand what is causing any difference. Please check and give any suggestion.
Thanks, Gurjot Kaur
--On Wednesday, April 22, 2015 1:43 PM +0000 Gurjot Kaur gurjot.kaur@aricent.com wrote:
Hi,
I have OpenLDAP version 2.4.11 configured in multimaster mode.
Stop whatever else you are doing, and upgrade to a current release.
--Quanah
--
Quanah Gibson-Mount Platform Architect Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
Gurjot Kaur wrote:
I have OpenLDAP version 2.4.11 configured in multimaster mode.
You should definitely upgrade your OpenLDAP installation.
Attached files are the schema file (core.schema) and configuration file for LDAP. I have modified the core.schema file to make 'companyName' a mandatory parameter in objectClass 'organizationalUnit'.
Don't mess with standard schema! That's really bad practice.
When I add an entry using 'ldapadd' without providing parameter 'companyName', it is getting added in the LDAP which is not correct. It should give error of missing mandatory parameter.
When this LDAP is working as single instance i.e. without multimaster mode, then while adding the same entry without parameter 'companyName', LDAP is showing error given below.
ldap_add: Object class violation (65)
    additional info: object class 'organizationalUnit' requires attribute 'companyName'
I don’t understand what is causing any difference. Please check and give any suggestion.
I'm not sure, but this might be a bug fixed in the meantime. Please test with a newer release.
Please also make sure that the schema is exactly the same on all replicas.
Ciao, Michael.
I think I caught the error. The "schemachecking" was disabled in "syncrepl" in slapd.conf. That's why it was not displaying any error in case of missing mandatory parameter.
And as you said, we should not modify standard schema. Then what can I do if I want to add some "objectClass" and "attributes" in schema? Is there any way out to do this without changing the standard schema?
Thanks, Gurjot Kaur
Gurjot Kaur wrote:
And as you said, we should not modify standard schema. Then what can I do if I want to add some "objectClass" and "attributes" in schema? Is there any way out to do this without changing the standard schema?
Start here:
http://www.openldap.org/doc/admin24/schema.html#Extending%20Schema
http://www.openldap.org/faq/data/cache/219.html
Ciao, Michael.
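The two points this thread ends on, as an added example that is not taken from the posters' attached files or from the linked documentation: a site-local schema file that leaves core.schema as shipped, and a syncrepl stanza with schema checking turned on. The OIDs under 1.1, the class name companyOrgUnit, the file paths, host name, DNs and credential are placeholders chosen for illustration.

```conf
# ---- local.schema (file name and location are assumptions) ----
# Site-local definitions live in their own file; core.schema is not edited.
# OIDs under 1.1 are placeholders: replace them with your own registered arc.
attributetype ( 1.1.2.1.1 NAME 'companyName'
    DESC 'Name of the company an organizational unit belongs to'
    EQUALITY caseIgnoreMatch
    SUBSTR caseIgnoreSubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128}
    SINGLE-VALUE )

# Structural subclass of the standard class: entries created with
# objectClass companyOrgUnit must carry companyName, while plain
# organizationalUnit entries keep the standard definition.
objectclass ( 1.1.2.2.1 NAME 'companyOrgUnit'
    DESC 'organizationalUnit that requires companyName'
    SUP organizationalUnit STRUCTURAL
    MUST companyName )

# ---- slapd.conf fragment (OpenLDAP 2.4 syntax) ----
# Load the same schema files, in the same order, on every replica.
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/local.schema

# Must be unique per server in a multimaster setup.
serverID 1

# The directives below belong inside the replicated database section.
overlay syncprov
syncrepl rid=001
    provider=ldap://ldap2.example.com
    bindmethod=simple
    binddn="cn=replicator,dc=example,dc=com"
    credentials=CHANGE_ME
    searchbase="dc=example,dc=com"
    type=refreshAndPersist
    retry="5 5 300 +"
    schemachecking=on
mirrormode on
```

With schemachecking=on, entries arriving through this consumer are validated against the loaded schema, which is why the schema files have to match on all replicas.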