[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: sync repl more than one rid?

Thank you Howard,

I would like to add to benefit of everyone that the "DB_NOTFOUND: No matching key/data pair found" was probably due to access config rather than sync repl. Also that entryCSN needs to be readible by the bind_dn on the provider for it work.

I guess I can just use attr lists to achieve what I want from the whole directory if I have to.

Thanks,

Ben

From: Howard Chu <hyc@symas.com>
To: Ben Booble <oneoutof100@hotmail.com>
CC: openldap-software@OpenLDAP.org
Subject: Re: sync repl more than one rid?
Date: Tue, 24 May 2005 23:40:15 -0700

The ability to use multiple consumer specs in a single database has never worked in OpenLDAP 2.2 and the feature has been removed in OpenLDAP 2.3.

Also, the sessionlog id (sid) bears no relation to the replica id (rid), they are two different parameters. In OpenLDAP 2.2 there is no keyword for configuring the sessionlog id in a syncrepl consumer, which renders the sessionlog useless. This has been fixed in OpenLDAP 2.3 by removing the notion of sessionlog IDs; the provider's sessionlog (if enabled) is automatically used for all requests.

In OpenLDAP 2.3 I think you'll have to use a separate relay database in order to accomplish what you want. Certainly that will work, anyway.

Ben Booble wrote:

Hi all,

I have set up syncrepl on one of my consumer ldap servers and it was able to build from the provider ldap server without a problem (ie didn't have to add ldif to ldap server on consumer with slapcat or slapadd). Both are running openldap-servers-2.2.23-5mdk.

I have an intermittent problem that occurs. When I want to rebuild my consumer server I just shutdown ldap, rm -rf /var/lib/ldap/* and restart. Sometimes it restarts and rebuilds everything and sometimes it says "DB_NOTFOUND: No matching key/data pair found" and gets no further. Why is this?

Second I would like to add a second syncrepl rid that queries the same provider but when I do it says "database already shadowed.". I want it to replicate different parts of the ldap server and this gives me the finer control over it (or it would if it didn't error;).

Here is my slapd.conf on my consumer (the way I would like it - but rid=011 is the one that works fine):

syncrepl rid=011
provider=ldap://192.168.0.45:389
type=refreshOnly
interval=00:00:01:00
starttls=yes
searchbase="ou=Aliases,ou=Postfix,ou=System,dc=blah"
scope=sub
schemachecking=off
updatedn="uid=xxxx,ou=System,ou=People,dc=blah"
binddn="uid=xxxx1,ou=System,ou=People,dc=blah"
bindmethod=simple
credentials=xxxx
......(below is what I would want to add)......
syncrepl rid=012
provider=ldap://192.168.0.160:389 (same 160 and 45 are the same server)
type=refreshAndPersist
interval=00:00:01:00
starttls=yes
searchbase="ou=Utiba,ou=People,dc=blah"
filter="((objectClass=amavisAccount)(objectClass=CourierMailAccount))"
scope=one
attrs="mail,mailbox, and a lot more"
schemachecking=off
updatedn="uid=xxxx,ou=System,ou=People,dc=blah"
binddn="uid=xxxx1,ou=System,ou=People,dc=blah"
bindmethod=simple
credentials=xxxx

on the provider i have the sessionlog or sid 011 and 012 (in slapd.conf)

regards,
Ben

_________________________________________________________________
Don?t just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/




--
 -- Howard Chu
 Chief Architect, Symas Corp.       Director, Highland Sun
 http://www.symas.com               http://highlandsun.com/hyc
 Symas: Premier OpenSource Development and Support


_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/