---------- Forwarded message ---------- From: fal patel fal0patel@gmail.com Date: Thu, Jan 3, 2013 at 3:28 PM Subject: Re: Multi-Master OpenLDAP Replication for 3 nodes -- slapadd command failing To: openldap-technica@openldapl.org, Howard Chu hyc@symas.com, Philip Guenther guenther+ldaptech@sendmail.com Cc: fal patel fal0patel@gmail.com
Hi Howard and Philip,
Thank you very much for your emails.
Well, it doesn't work for me, and hasn't for the two weeks I've been wrestling with it.
Could you please post a *working* LDIF file of Section 18.3.3 "N-Way Multi-Master"? (I can substitute my real values if you keep the "$xxx" labels in there, of course.)
I want to be able to feed the above LDIF file in to slapadd and obtain both config db replication and also data replication. The only change I should have to make for my 3 OpenLDAP servers is that the Server#1 should have "olcServerID: 1", Server#2 should have "olcServerID: 2", etc.
Thanks very much. Best regards
Fal
On Thu, Jan 3, 2013 at 6:40 AM, Howard Chu hyc@symas.com wrote:
fal patel wrote:
Hi Philip,
hank you very much for your email.
In that case, my original surmise is correct: The OpenLDAP Administrator's Guide's Section 18.3.3 "N-Way Multi-Master" definitely is buggy. Because my LDIF file is a direct copy thereof (except for my environment values substituted in instead of the labels such as $URI1, of course.)
The example in 18.3.3 works perfectly when you substitute the correct values in for the variables and follow the steps listed.
How can this be reported as a bug, please? (In OpenLDAP documentation
or/and code). And can a *working* sample LDIF file be provided, please, for this important replication design, n-way multi-master?
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/**project/http://www.openldap.org/project/
NOTE: I am not an OpenLDAP project developer and do not have any sort of commit rights to any part of it.
On Thu, 3 Jan 2013, fal patel wrote:
Thank you very much for your emails.
Well, it doesn't work for me, and hasn't for the two weeks I've been wrestling with it.
Could you please post a *working* LDIF file of Section 18.3.3 "N-Way Multi-Master"? (I can substitute my real values if you keep the "$xxx" labels in there, of course.)
The LDIF in that section on the website apepars, to my eyes, to be acceptable, on a piece-wise basis BY THE ldapadd AND/OR ldapmodify PROGRAMS INCLUDED IN OPENLDAP.
If you cannot figure out how to set up your server to that its cn=config tree can modified with ldapadd and ldapmodify, then stop playing with replication and figure that out.
I want to be able to feed the above LDIF file in to slapadd and obtain both config db replication and also data replication.
Nope, sorry, that's not something that the project documents. It may be possible in some cases but in general you need to use ldapmodify
I stand by my assertion that not all the chunks there are valid RFC 2849 LDIF. OpenLDAP's ldapmodify accepts them, but at least this chunk may be rejected by other tools that comply with the standard and cannot be considered portable dn: cn=config changetype: modify replace: olcServerID olcServerID: 1 $URI1 olcServerID: 2 $URI2 olcServerID: 3 $URI3
as it lacks the required terminating "-" line.
Philip Guenther
Hi Philip,
If you can't post it, could you please email me a *working* LDIF file of Section 18.3.3 "N-Way Multi-Master"? (I can substitute my real values if you keep the "$xxx" labels in there, of course.)
My comments in-line below.
Thanks in advance
Fal
On Thu, Jan 3, 2013 at 8:02 PM, Philip Guenther < guenther+ldaptech@sendmail.com> wrote:
NOTE: I am not an OpenLDAP project developer and do not have any sort of commit rights to any part of it.
On Thu, 3 Jan 2013, fal patel wrote:
Thank you very much for your emails.
Well, it doesn't work for me, and hasn't for the two weeks I've been wrestling with it.
Could you please post a *working* LDIF file of Section 18.3.3 "N-Way Multi-Master"? (I can substitute my real values if you keep the "$xxx" labels in there,
of
course.)
The LDIF in that section on the website apepars, to my eyes, to be acceptable, on a piece-wise basis BY THE ldapadd AND/OR ldapmodify PROGRAMS INCLUDED IN OPENLDAP.
It should be acceptable as an LDIF as input to slapadd. If it is not, it is buggy by definition. Remember, we should be able to perform database configuration OFF-LINE. ie. without slapd running. And obviously when off-line, slapadd works whereas ldapmodify, ldapadd etc. cannot.
If you cannot figure out how to set up your server to that its cn=config tree can modified with ldapadd and ldapmodify, then stop playing with replication and figure that out.
On the contrary.
See above.
I want to be able to feed the above LDIF file in to slapadd and obtain both config db replication and also data replication.
Nope, sorry, that's not something that the project documents. It may be possible in some cases but in general you need to use ldapmodify
No.
The DB on-line configuration case should be supported, of course. And so should the DB off-line configuration case.
I stand by my assertion that not all the chunks there are valid RFC 2849 LDIF. OpenLDAP's ldapmodify accepts them, but at least this chunk may be rejected by other tools that comply with the standard and cannot be considered portable dn: cn=config changetype: modify replace: olcServerID olcServerID: 1 $URI1 olcServerID: 2 $URI2 olcServerID: 3 $URI3
as it lacks the required terminating "-" line.
Yes, because the Section 8.3.3 "N-Way Multi-Master" document/code from the OpenLDAP Administrator's Guide lacks the terminating "-" after modify (and in several places too), it is not valid LDIF syntax. So, it is buggy. So, it should be fixed.
Philip Guenther
--On Thursday, January 03, 2013 9:28 PM -0800 fal patel fal0patel@gmail.com wrote:
It should be acceptable as an LDIF as input to slapadd. If it is not, it is buggy by definition. Remember, we should be able to perform database configuration OFF-LINE. ie. without slapd running. And obviously when off-line, slapadd works whereas ldapmodify, ldapadd etc. cannot.
If you would spend the time to start with a basic cn=config setup, and then perform the ldap modifications as noted in the admin guide, your end result would be a cn=config DB you could *slapcat* into LDIF, which you could then use as a template for loading other servers. In fact, you'd be long done with this if you'd simply done that very simple thing.
Just because slapadd doesn't parse LDIF meant for ldap modify does *not* mean it is buggy. It means you are following the admin guide.
The admin guide is not a document that explains how to do anything and everything under the sun. It is a general guide that gives working examples of how to do various things. The end user is supposed to have enough understanding and general competence to be able to extrapolate how to go from there.
In addition, you've also been pointed to test suites that set up multi-master replication of cn=config. You could have trivially exported those cn=config DB's via slapcat as well.
You seem awfully determined to have other people take the time to do your work for you, rather than doing what you could have already done weeks ago in a few minutes.
--Quanah
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
openldap-technical@openldap.org
-
fal patel -
Philip Guenther -
Quanah Gibson-Mount