[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7400) Memberof and Syncrepl incompatibility

arunkumar_1123@yahoo.com wrote:
> Full_Name: Arunkumar shanmugam
> Version: 2.4.29
> OS: rhel5
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (
> Hi,
> I'm currently using Openldap 2.4.29 to model an Authorization platform. I
> noticed some inconsistent behavior with syncrepl and memberof overlays.

Does this issue occur with the current release, 2.4.32?
> The issue happens as follows:
> If I Create groups with a large number of members and delete them in quick
> succession on the writemaster, the data replicated to the readslave is
> incorrect, in particular, the memberof fields of the User objects.
> This seems to happen because the memberof field is getting replicated to the
> slave nodes, although the documentation states that it shouldn't.

Indeed. Do you have debug logs showing the replication traffic, and showing 
that the memberof attribute got replicated?

> While
> replicating, the User object is replicated inclusive of the memberof fields, but
> by the time the syncrepl search comes to the group object, it has already been
> deleted, and hence not replicated. This leaves a dangling memberof field in the
> read slave instance.
> I was wondering if anyone has faced this issues (I did not see any ITS related
> to this), and has a workaround.
> Thanks,
> Arunkumar

   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/