[Date Prev][Date Next]
Syncrepl Problems for Attribute-Value Pair host=*
I'm having a little syncrepl problem here. OL version is 2.3.13 + bdb
4.2.52 with 4 patches + OL transactions patch (is it still need?).
We have a master server filled with mostly POSIX account and group data.
I was experimenting to set up a slave slapd on a UNIX client which should
only contain POSIX accounts that are actually allowed to login on that
client (which is defined through the host attribute).
So I set up a syncrepl slapd on that machine with a filter diretive that
replicates all posix groups and all accounts which are allowed to login
along with the dc's and ou's needed to reflect the posix information
retry="60 10 300 +"
I added a few testusers of this kind to the directory:
cn: TestO Steron
gecos: TestO Steron
host: * (or host: <hostname>)
The first thing I stumbled upon was the fact that i had to escape the "*"
twice in the syncrepl's filter directive as opposed to nly once when using
But the real troublemaker is the "host: *" part in the above LDIF. When I
completely remove the "host: *" attribute from a user entry on the master
it doesn't get deleted on the slave, which on the other hand works
perfectly fine when removing "host: <hostname>" from an entry. While on
the other hand modifyinbg "host: *" to sth. like "host: <not the slave's
hostname>" the entry gets removed on the slave.
So aparently syncrepl doesn't handle attribute-value pairs of the type
<attribute>=* properly if used in a syncrepl filter directive.
Kind regards and thanks for any help