Re: cascading syncrepl

[Todd Lyons <tlyons@ivenue.com>]

Quanah Gibson-Mount wanted us to know:

>That somewhat depends on how one implements their LDAP systems, and seems 
>to assume a constant uptime.  Stanford, for example, shuts down each LDAP 
>server nightly in rotation.  So it is entirely possible for there to be 
>updates received at the master while a consumer is disconnected.  I look 
>forward to testing a working sessionlog implementation. :)

Yes, it would be nice.  I don't shut down my slaves as often as you do
though.  But even so, I feel better when I occassionally run this:

[todd@tlyons ~]$ cat bin/checkldapconsistency.sh
#!/bin/bash

for TARG in master ldap1 ldap2; do
        FILE="$(mktemp /tmp/$(basename $0.XXXXXX))"
        echo -en "Checking $TARG: \t"
        ldapsearch -x -LLL -H ldap://$TARG -b "dc=domain,dc=net" -z 0 -w
obfuscated -D cn=Manager,dc=domain,dc=net "(sendmailMTAMapName=virtuser)"
sendmailMTAKey > $FILE
        egrep '^dn:' $FILE | wc -l
        rm -f $FILE
done
[todd@tlyons ~]$ checkldapconsistency.sh
Checking master:        34203
Checking ldap1:         34203
Checking ldap2:         34203


I'm curious, how do you merge the rejects back into your slaves when you
bring them back up the next day?  Is that automated somehow?  Or do you
manually ldapadd them back in?
-- 
Regards...		Todd
  We should not be building surveillance technology into standards.
  Law enforcement was not supposed to be easy.  Where it is easy, 
  it's called a police state.             -- Jeff Schiller on NANOG
Linux kernel 2.6.8.1-12mdkenterprise   2 users,  load average: 0.07, 0.03, 0.00