RE: Constraint violation in Replication setup.

["Reinhard Nappert" <rnappert@juniper.net>]

Hi, again,

I went through a previous thread
(http://www.openldap.org/lists/openldap-software/200406/msg00060.html),
which dealt with the same issue, I encounter. Unfortunately, there was
no real solution to that. Gavin just switched the boxes and changed the
configuration accordingly. Due to desperation, I did the same and I am
back to my initial issue, which I posted:
http://www.openldap.org/lists/openldap-software/200502/msg00453.html

Now, I can add an entry with a client, connected to the master. This
master propagates the entry to the slave. So, master can bind to the
slave and add the entry. However, the io-rate is up (50%). When I start
slurpd with -d 65535, I get the following output over and over again,
although no changes were performed:

new work in /opt/UMC/openldap/var/openldap-slurp/replica/slurpd.replog
copy replog "/opt/UMC/openldap/var/openldap-slurp/replica/slurpd.replog"
to "/opt/UMC/openldap/var/openldap-slurp/replica/slurpd.replog"

The next observation is that I still can not perform modifications
through the slave. The referral is not happening at all and the client
gets Result code (0x50) with error message: no stucturalObjectClass
operational attribute.

It looks like, I still have to go a very long way to accomplish a smooth
replication setup.

Any help is very much appreciated.

Thanks
-Reinhard


-----Original Message-----
From: owner-openldap-software@OpenLDAP.org
[mailto:owner-openldap-software@OpenLDAP.org] On Behalf Of Reinhard
Nappert
Sent: Friday, March 04, 2005 8:44 AM
To: OpenLDAP-software@OpenLDAP.org
Subject: RE: Constraint violation in Replication setup.

 Sure, here are the slapd.conf entries:

Master:
#######################################################################
# BDB database definitions
#######################################################################

database        bdb
suffix          "dc=net"
rootdn          "cn=manager,dc=net"
# Cleartext passwords, especially for the rootdn, should # be avoid.
See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw          secret
lastmod         on
directory       var/openldap-data
cachesize       5000
checkpoint      512    5
# Indices to maintain
....
##############################################################
# replication definition Master
##############################################################
replogfile /var/openldap-slurp/replica/slurpd.replog

replica-pidfile /var/run/slurpd.pid

replica host=slave:389
        binddn="cn=replAdmin,dc=net"
        bindmethod=simple
        credentials=secret

Slave:
#######################################################################
# BDB database definitions
#######################################################################

database        bdb
suffix          "dc=net"
rootdn          "cn=manager,dc=net"
# Cleartext passwords, especially for the rootdn, should # be avoid.
See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw          secret
lastmod         on
directory       /var/openldap-data
cachesize       5000
checkpoint      512    5
# Indices to maintain
....
##############################################################
# replication definition Slave
##############################################################
updatedn cn=replAdmin,dc=net
updateref ldap://master:389


I don't see any obvious misconfiguration. 
Let's see, if you guys detect anything.

Thanks
-Reinhard


-----Original Message-----
From: owner-openldap-software@OpenLDAP.org
[mailto:owner-openldap-software@OpenLDAP.org] On Behalf Of Ace Suares
Sent: Thursday, March 03, 2005 10:23 PM
To: OpenLDAP-software@OpenLDAP.org
Subject: Re: Constraint violation in Replication setup.


probaly you don't have an 'updatedn' in slapd.conf on the one that needs
updating. I ran into that yesterday when I wanted to use the 'rootdn' 
with 'ldapadd' to add a 'replog' file to my database.

-Ace

On Thursday 03 March 2005 10:51, you wrote:
> --On Thursday, March 03, 2005 5:12 PM -0500 Reinhard Nappert
>
> <rnappert@juniper.net> wrote:
> > Hi, I've installed OpenLDAP 2.2.23 with the Berkeley 4.2 (patches) 
> > DB on Solaris 8. After I configured the master and slave, I started 
> > the slurpd process. The initial test was to just add one object, 
> > accessing the master. The replication fails with the following
error:
> >
> > ERROR: Constraint violation: structuralObjectClass: no user 
> > modification allowed
> > replica: slave:389
> > time: 1109884741.0
> > dn: o=Company,dc=net
> > changetype: add
> > objectClass: organization
> > objectClass: top
> > o: Company
> > structuralObjectClass: organization
> > entryUUID: 9bd93082-2075-1029-9c23-fe1f003104f7
> > creatorsName: cn=manager,dc=net
> > createTimestamp: 20050303211901Z
> > entryCSN: 20050303211901Z#000001#00#000000
> > modifiersName: cn= cn=manager,dc=net
> > modifyTimestamp: 20050303211901Z
> >
> > Yes, I have checked if binddn from the master configuration is 
> > identical to the updatedn on the slave. I also made sure that the 
> > "replication manager" has the appropriate access rights.
> >
> > Does someone has an idea how to fix that problem.
>
> Can you send the master & slave slapd.conf files in an attachment to 
> the list (blocking out any userid/password information)?
>
> --Quanah
>
> --
> Quanah Gibson-Mount
> Principal Software Developer
> ITSS/Shared Services
> Stanford University
> GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
>
> "These censorship operations against schools and libraries are 
> stronger than ever in the present religio-political climate. They 
> often focus on fantasy and sf books, which foster that deadly enemy to

> bigotry and blind faith, the imagination." -- Ursula K. Le Guin

-- 

Ace Suares' Internet Consultancy
mail: PObox 2599, 4800 CN Breda, The Netherlands
phone: +31 6 244 33 608 (Jan Veuger, support Netherlands)
emergency: +599 786 23 73
voicemail & fax: +31 848 707 705
web: http://www.suares.nl email: support@suares.nl