[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: contextCSN with empty suffix
Christian Kratzer wrote:
Hi,
we have a customer who runs an openldap installation with an empty suffix as in
suffix ""
which is a potential problem when migrating to syncrepl as they do not have
an entry to store the contextCSN.
Actually it's no problem at all.
In our lab using openldap 2.4.19 we succeeded in inserting an entry with
an empty dn as follows:
dn:
objectClass: organization
o: root
syncrepl and back-bdb/hdb would have created this entry automatically anyway,
if it was needed.
This entry received the contextCSN entries and everything looks good
from what I can see:
dn:
objectClass: organization
o: root
structuralObjectClass: organization
entryUUID: 6bd316a2-6f10-102e-904e-c754373eef36
creatorsName: cn=Manager
createTimestamp: 20091126194832Z
entryCSN: 20091126194832.284443Z#000000#000#000000
modifiersName: cn=Manager
modifyTimestamp: 20091126194832Z
contextCSN: 20091126194832.864794Z#000000#000#000000
I have no idea how ugly this hack is and am concerned this might break
with a future release when either searching for contextCSN below the suffix
is perhaps supported again or entries with an empty dn break.
I am about to advise the customer to move to a directory with an
nonempty suffix matching their root entry but would like to hear
nevertheless what you think of above.
There are some situations where this type of config may run into problems, but
in most cases it works fine. For the rare problem cases, (e.g., using proxy
syncrepl) an option has been introduced in 2.4.20 to allow the contextCSN to
be stored in a dedicated subentry instead of in the suffix entry (See
ITS#6373). But if you're not using proxy syncrepl, there's nothing to worry about.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/