I was trying to set up replication using syncrepl with OpenLDAP 2.4.11 on
two machines running RHEL 5.0.
The provider has approximately 1000 entries in the directory.
On the consumer side, I am getting the following error after
synchronization of around 500 records:
Oct 14 16:35:59 osmvm2 slapd2.4[11727]: syncrepl_entry: rid=001 cn=Delfin Labarge,ou=Payroll,dc=example,dc=com
Oct 14 16:35:59 osmvm2 slapd2.4[11727]: syncrepl_entry: rid=001 be_add (0)
Oct 14 16:35:59 osmvm2 slapd2.4[11727]: do_syncrep2: rid=001 LDAP_RES_SEARCH_RESULT
Oct 14 16:35:59 osmvm2 slapd2.4[11727]: do_syncrep2: rid=001 (4) Size limit exceeded
I am using "refreshOnly" syncrepl in the consumer.
The syncrepl user DN is uid=syncrepl,ou=System,dc=example,dc=com
and I added this DN as a member of a group called LDAPAdmins
(cn=LDAPAdmins,ou=Groups,dc=example,dc=com).
slapd.conf configuration at the consumer end is as follows:
# Replicas running syncrepl as non-rootdn need unrestricted size/time limits:
limits group="cn=LDAPAdmins,ou=Groups,dc=example,dc=com"
    size=unlimited
    time=unlimited

#SyncRepl slave configuration
syncrepl rid=001
    provider=ldap://16.167.10.25
    type=refreshOnly
    interval=00:00:05:00
    searchbase="dc=example,dc=com"
    binddn="uid=syncrepl,ou=System,dc=example,dc=com"
    credentials=secret
    timelimit=unlimited
    sizelimit=unlimited
slapd.conf configuration at the provider is as follows:
#Global ACL for replication
access to *
    by group="cn=LDAPAdmins,ou=Groups,dc=example,dc=com" read
    by anonymous read

# syncprov
index entryCSN,entryUUID eq

# Replicas running syncrepl as non-rootdn need unrestricted size/time limits:
limits group="cn=LDAPAdmins,ou=Groups,dc=example,dc=com"
    size=unlimited
    time=unlimited

# ACL ensuring replicator has write access
access to *
    by group="cn=LDAPAdmins,ou=Groups,dc=example,dc=com" write
    by * read