[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: why syncrepl doesn't work ???



On Tue, Jun 12, 2007 at 09:23:52AM -0300, Jeronimo Zucco wrote:
>     Hi, list.
> 
>     I'm trying to implement syncrepl in my openldap 2.3.35 without sucess. I 
>  tryed many (I sed: MANY) times to slacat, slapadd to slave for syn ldap 
>  servers, but for some reason with I don't know, the slave lost the sync.
> 
>     Then I have to do the same thing ate night:
> 
>  - stop ldap master;
>  - slapcat master
>  - slapadd on the slave;

You don't need this slapcat/slapadd with syncrepl. It should be able to
detect the consumer (slave) is empty and fetch all that is needed from
the producer (master).

>  - start master and start slave
> 
>     This works about one hour, in the morning wasn't syncing again. If i 
>  restart the slave ldap, then the changes on the master is replicated, but 
>  stops to sync "on line" after this.
> 
>  I don't know what to do to solve this issue :-(
> 
>     Follow up my ldap configuration (just about syncrepl):
> 
>  ldap master:
>  # acls permits to user replicator to read all the database

You don't show these ACLs.

>  index   objectClass,entryCSN,entryUUID  eq
>  overlay         syncprov
>  syncprov-checkpoint 100 10
>  syncprov-sessionlog 100
>  limits dn.exact="cn=replicator,dc=domain,dc=com" size.soft=unlimited 
>  size.hard=unlimited
> 
> 
> 
>  ldap slave:
>  syncrepl
>     rid=1
>     provider=ldaps://master.domain.com:636
>     binddn="cn=replicator,dc=domain,dc=com"
>     bindmethod=simple
>     credentials=secret
>     searchbase="dc=domain,dc=com"
>     filter="(objectClass=*)"
>     schemachecking=off
>     scope=sub
>     type=refreshAndPersist
>     retry="60 +"

This seems correct. Maybe some debugging on both sides? Do you use some
other overlay besides syncprov?