[Date Prev][Date Next] [Chronological] [Thread] [Top]

Force syncrepl client to do complete sync?

I have a syncrepl setup where some slaves get a portion of the full
DIT that is defined by access-control on the master. This works well
until the ACLs change or some other data update (such as group
membership) allows the slave to see a different subset of the DIT.
The problem is twofold:

1)	The slave might now have data that it should delete.

2)	The slave might now be allowed to see more data so it should
	replicate it.

The current syncrepl implementation does not seem to handle this case very
well on its own, and I don't want to delete the whole of the slave DB.
Is there aome way that I can force a complete re-sync on a live server? I
tried deleting the contextCSN through LDAP, but of course it won't let
me do that on the slave.

|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|     http://www.skills-1st.co.uk/                +44 1628 782565     |