[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapmodify error

Naufal Sheikh wrote:

Ok, I am using openldap 2.2.20 on both machines.

You should seriously consider upgrading since 2.2.x is historic since quite a while. Historic means there is absolutely no support for this code base anymore. Even no security fixes! Nada!

I have added replog attribute in the slapd.conf of my backup machine. I switch off my production for maintainance, and swithc the backup on. AS it has replog enabled it starts creating logs of the events, After maintainance activity I ftp the replog to production and use ldapmodify to apply those logs on production.

This is a very unusual approach. Note that ldapmodify is a normal DUA (directory *user* agent).

ldap_modify: Constraint violation (19)
         additional info: entryCSN: no user modification allowed

IF I edit my replog and remove all the stuff like

replace: lastModifiedTime
lastModifiedTime: 2008-03-24 12:27
replace: entryCSN
entryCSN: 20080324172725Z#000001#00#000000

These attributes are operational attributes not modifiable by a normal DUA. Consider deploying a real replication mechanism (syncrepl preferred). There are several modes available which should satisfy your particular needs.




Ciao, Michael.