Re: (ITS#6329) memberof overlay doesn't update entryCSN

[msmith@cbnco.com]

On Wed, 14 Oct 2009, masarati@aero.polimi.it wrote:

> Should be fixed in HEAD (one-line fix, see overlays/memberof.c 1.25 -> 1.26).
> 
> Please test.  Thanks, p.

Thanks - I applied this to openldap 2.4.19 and the entryCSNs now match on 
all nodes, as long as they're all up when a group is modified.

I still get something strange if one node is down: if I remove a user from 
a group on the working node, then bring the failed node back, the failed 
node doesn't sync the modified group and user objects. For example, if I 
remove testuser3 from testgroup2 while node 2 is down, then bring node 2 
back, I get this on node 1:

dn: uid=testuser3,ou=people,dc=dom
memberOf: cn=testgroup1,ou=group,dc=dom
entryCSN: 20091015040419.455869Z#000000#001#000000

dn: cn=testgroup2,ou=group,dc=dom
member: uid=testuser2,ou=people,dc=dom
entryCSN: 20091015040419.455869Z#000000#001#000000

And this on node 2:

dn: uid=testuser3,ou=people,dc=dom
memberOf: cn=testgroup2,ou=group,dc=dom
memberOf: cn=testgroup1,ou=group,dc=dom
entryCSN: 20091015033445.046089Z#000000#002#000000

dn: cn=testgroup2,ou=group,dc=dom
member: uid=testuser2,ou=people,dc=dom
member: uid=testuser3,ou=people,dc=dom
entryCSN: 20091015033233.354687Z#000000#001#000000

I don't have this problem with changes that don't involve member/memberOf 
attributes. For example, I can add a description attr to the group object 
while node 2 is down, and when I bring it back up, it picks up the change.

On both nodes I've got the memberof and syncprov overlays turned on, in 
that order.

dn: olcOverlay={0}memberof,olcDatabase={1}hdb,cn=config
objectClass: olcOverlayConfig
olcOverlay: {0}memberof

dn: olcOverlay={1}syncprov,olcDatabase={1}hdb,cn=config
objectClass: olcSyncProvConfig
olcSpCheckpoint: 100 10
olcSpSessionlog: 1000
olcOverlay: {1}syncprov


Thanks,

Mike