[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: delta-syncrepl contextCSN update timing, schema checking

On Thu, May 01, 2008 at 09:57:25AM -0700, Quanah Gibson-Mount wrote:
> --On Thursday, May 01, 2008 11:39 AM -0400 John Morrissey <jwm@horde.net> 
> wrote:
> > Recently, a fluke in our configuration distribution system caused one of
> > our consumers (running 2.3.41) to have stale schema information. slapd
> > at debuglevel 16384 emitted:
> >
> > Should this error have been raised in this case? I tried explicitly
> > disabling schemachecking ("schemachecking=off" in the syncrepl stanza),
> > but this error was still raised.
> The error is correct.  schemachecking off makes it so that entries do not 
> have to comply to *known* schema.  Your schema was not known.

I guess I was confused by slapd.conf(5):

    The  schema  checking  can be enforced at the LDAP Sync consumer
    site by turning on the schemachecking parameter. The default is
    off.  Schema checking on means that replicated entries must have
    a structural objectClass, must obey to objectClass requirements
    in   terms  of  required/allowed  attributes,  and  that naming
    attributes and distinguished  values  must  be  present.   As a
    consequence,   schema   checking  should  be  off  when partial
    replication is used.

The reason it works this way (and how it serves the partial replication use
case) makes total sense now, but I might not be the only one to draw the
wrong conclusion from something like "schemachecking=off".

I'm not sure how I would reword this part of the man page, but FWIW it was
what confused me about this option's behavior.

John Morrissey          _o            /\         ----  __o
jwm@horde.net        _-< \_          /  \       ----  <  \,
www.horde.net/    __(_)/_(_)________/    \_______(_) /_(_)__