[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#8926) glue records + syncrepl
goudal@bordeaux-inp.fr wrote:
> Full_Name: Fr.d.ric Goudal
> Version: 2.4.46
> OS: ubuntu 18.14 LTS
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (147.210.204.135)
>
>
> The global setup is the following :
> - 1 master ldap (2.4.40)
> - 1 hidden slave on the master ldap, same suffix, ldap backend
> - 1 ldap backend on a distant server (2.4.46)
>
> When starting synchronisation the following event are happening :
> - for some reason the sync process ask for creating
> dn:uid=foo,ou=bar,dc=my,dc=domaine BEFORE the creation of
> dn : ou=bar,dc=my,dc=domain
>
> - on the backend the following entries are created in that order
> - dn:ou=bar,dc=my,dc=domain with the object class glue
> - dn: uid=foo,ou=bar,dc=my,dc=domain
>
> Than... the sync tries to create ou=bar,dc=my,dc=domain with the correct
> objectClass : organizationalUnit
> But, as the object exists on the backend ldap, creation fails, and
> synchronization stops.
>
> Solution
> -remove by hand the dn: uid=foo,ou=bar,dc=my,dc=domain, that remove the
> glue object
> - create by hand the ou=bar,dc=my,dc=domain
>
> What IMHO slapd should do :
> - either check that it does not add an object before its parent objects
No. This behavior is already documented in the Syncrepl specification.
> - either convert the glue object to the correct object when the real creation is
> needed.
The slapd consumer already does this when running on a local database. It would
require Manage privileges when running through back-ldap. Check your back-ldap configuration.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/