[Fwd: Re: (ITS#5881) referral problem with refreshAndPersist mode]

[Howard Chu <hyc@symas.com>]

Unfortunately, I think the spec is broken here. There's no way for the 
consumer to record the references it receives, because they're not accompanied 
by the DN of the entry that triggered the reference. It would have made more 
sense for the provider to send the references uninterpreted, as regular LDAP 
entries.

Any suggestions?

-------- Original Message --------
Subject: Re: (ITS#5881) referral problem with refreshAndPersist mode
Date: Sat, 24 Jan 2009 05:12:08 GMT
From: hyc@symas.com
To: openldap-its@openldap.org

joao.alfredo@gmail.com wrote:
> Full_Name: João Alfredo
> Version: 2.4.13
> OS: Debian Lenny
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (200.189.117.10)
>
>
> I am using a refreshAndPersist replication mode on OpenLdap 2.4.13.
>
> When I add referral OU on Master, this entrie is not replicate to Consumer.
>
> My test.ldif:
> dn: ou=MUNICIPIOS,dc=pr
> ou: MUNICIPIOS
> ref: ldap://<IP>/ou=MUNICIPIOS,dc=pr
> objectClass: referral
> objectClass: extensibleObject
> dc: MUNICIPIOS

> Logs on consumer side:
> Jan  8 17:50:15 ecelepar10173 slapd[2722]: do_syncrep2: rid=000 reference
> received error

Interesting, you've found a bug that has been present since syncrepl's code
was first written in 2003. The syncrepl code assumes that it will only receive
LDAP entries from the provider. But according to RFC4533, references are
supposed to be sent as-is and stored by the consumer. The syncprov overlay
obeys the spec and sends references correctly.

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/