[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: some questions about syncrepl

--On Friday, October 05, 2007 9:53 AM +0200 Guillaume Rousse <Guillaume.Rousse@inria.fr> wrote:

First, I noticed than changes on the slaves seems to be written from
rootdn, not from the dn declared in the syncrepl directive, which seems
to be only used on the master, meaning I don't need any specific ACL on
the slave. Is this correct ?

Right, the DN in the syncrepl directive is purely for how it performs its searches on the master.

Second, I have several slaves synchronizing on the same master. From
slapd.conf man page, rid is supposed to be unique in the consumer only,
meaning all my slaves can safely use the same rid (easier for
maintaining centralized configurations). Is this correct interpretation ?


Third, I noticed a lot of errors correction for syncrepl in openldap
changelog. As I can't easily change installed versions (our policy is to
stick with our distribution provided package, meaning a mix of 2.3.27
and 2.3.34), am I correct assuming 'refresh only' mode is less fragile
than 'refresh & persist' mode, and than total synchronisation is also
less fragile than delta synchronisation, if I need to fallback on a
safer mode ?

Nope. And, by the way, I'd seriously examine your policy, it is mightily flawed. Distro versions are almost never meant for running OpenLDAP as a server, but for providing the client libraries. You are only setting yourself up to be shot in the foot by following your current policy. A wiser choice would be to do something like use the pre-compiled releases from Symas (http://www.symas.com/) or if you are using RedHat or CentOS, Buchan Milne's pre-compiled packages




Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra ::  the leader in open source messaging and collaboration