On Thu, Feb 01, 2007 at 08:59:39PM -0800, Christopher Cowart wrote: > On Thu, Feb 01, 2007 at 08:25:52PM -0800, Howard Chu wrote: > > Redirected from -bugs; there is no evidence of a bug here. > Perhaps the -software list charter should include mention of support > issues or questions? As it was, -bugs seemed most appropriate. > > > Christopher Cowart wrote: > > >Hello, > > > > > >I have 3 installations of openldap-server-2.3.33 running on FreeBSD > > >6.1-REL: ldap-master, ldap1, ldap2. I am using syncrepl to replicate > > >ldap-master to ldap1 and ldap2. The replicated directory is missing > > >entire ou branches in my tree. > > > > > >I have created the following objects in my directory: > > >cn=syncrepl-ldap1,dc=example,dc=com > > >cn=syncrepl-ldap2,dc=example,dc=com > > > > > >I've made the following configurations on the provider: > > >| access to * > > >| by dn.regex="cn=syncrepl-(ldap1|ldap2),dc=example,dc=com" read > > >| by * break > > >| > > >| # More ACLs Follow > > >| > > >| # For Sync Replication > > >| overlay syncprov > > >| syncprov-checkpoint 100 10 > > >| syncprov-sessionlog 100 > > > > More information is needed. There's no indication that ACLs are any problem > > here. Of course, you've listed your rootdn in your ACLs, which is useless. > > Could you suggest what other information might be helpful? I thought the > fact that syncrepl works when binding as the rootdn but not the syncrepl > user indicated ACLs. What makes you think otherwise? > > > One possible explanation is that you didn't raise the sizelimits for the > > syncrepl users, so they weren't able to get a full refresh. > > Thanks for this suggestion. I've added this (from a forum post): > | limits dn.regex="cn=syncrepl-ldap1,dc=example,dc=com" > | time.soft=unlimited time.hard=unlimited size.soft=unlimited > | size.hard=unlimited > > After restarting the provider, the consumer is still not replicating the > missing portions of the directory. Do you have any other suggestions? Just to clarify, I also blew away the backend on the consumer and restarted that instance of slapd. -- Chris Cowart Network and Infrastructure Systems Administrator RSSP-IT, UC Berkeley "May all your pushes be popped"
Description: Digital signature