[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: replication crashes 1 of 2 servers - after working for months



Follow-up.

I'm rebuilding the servers and started from scratch.

I was able to get replication working just as it did before, but if I add an account like the one below to either server1 or server2, the other server crashes when it replicates.   I get notices about it trying to insert UUID and then it crashes.

If memory serves me right, this problem started happening shortly after I changed my syncrepl statement to not include specific attributes, and instead used the default *,+.   Is it possible that the syncrepl is conflicting with the built-in configuration for updating some of the hidden attributes ?   I'm going to try to prove that by not specifying the hidden attributes will not cause my problem. (namely entry*)

I'm kind of at a loss now why it happens


---


cn=Subschema
20080715183635Z
cn=manager,dc=nitle,dc=org
FALSE
b27c9922-e6e8-102c-8813-1b80b3c961ad
uid=trogers@nitle.org,ou=guest,dc=nitle,dc=org
20080715183635.158002Z#000000#002#000000
cn=manager,dc=nitle,dc=org
20080715183635Z
10687
Rogers
/dev/null
10
Tommy Rogers
top
pwdPolicyChecker
posixAccount
person
organizationalPerson
inetOrgPerson
eduPerson


On Jul 15, 2008, at 11:12 AM, Chris G. Sellers wrote:

I have an Multimaster/mirrormode replication that has worked for months.

Someone put some crappy data into the LDAP and then it crashed.

I've spent weeks cleaning up the data, thinking that was causing my replication to crash and core dump one of my two LDAP servers

I have cleaned up the data, loaded all the data from server1 to server2 and turned on the replication again, but I still get core dumps on server2. (server1 never has a problem)

I'm not sure where to go from here.  Any suggestions or anyone else who came across the same problem.  Below are some log and config entries.  Host OS is Solaris10 on server1 and OpenSolaris on server2.   (I have three other openLDAP servers running two with the same replication so I'm somewhat experienced with getting this to work so I'm thinking it's a strange problem I hope someone has run across)


log (server2):
==========
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 592946 local4.debug] <= root access granted
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 384072 local4.debug] => access_allowed: search access granted by manage(=mwrscxd)
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 923158 local4.debug] => access_allowed: search access to "cn=manager,dc=nitle,dc=org" "obj
ectClass" requested
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 592946 local4.debug] <= root access granted
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 384072 local4.debug] => access_allowed: search access granted by manage(=mwrscxd)
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 525403 local4.debug] dn_callback : new entry is older than ours cn=manager,dc=nitle,dc=org
 ours 20080702134355.493573Z#000000#002#000000, new 20080107224745.105385Z#000000#002#000000
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 819441 local4.debug] syncrepl_entry: rid=010 entry unchanged, ignored (cn=manager,dc=nitle
,dc=org)
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 977386 local4.debug] syncrepl_entry: rid=010 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD)
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 580501 local4.debug] syncrepl_entry: rid=010 inserted UUID c76c7c0c-57fb-102c-9216-63c463e
7d505
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 923158 local4.debug] => access_allowed: search access to "dc=nitle,dc=org" "entry" request
ed
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 592946 local4.debug] <= root access granted
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 384072 local4.debug] => access_allowed: search access granted by manage(=mwrscxd)
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 565591 local4.debug] syncrepl_entry: rid=010 be_search (0)
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 709484 local4.debug] syncrepl_entry: rid=010 ou=guest,dc=nitle,dc=org
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 688566 local4.debug] syncrepl_entry: rid=010 be_add (68)
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 923158 local4.debug] => access_allowed: search access to "ou=guest,dc=nitle,dc=org" "entry
" requested
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 592946 local4.debug] <= root access granted
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 384072 local4.debug] => access_allowed: search access granted by manage(=mwrscxd)
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 923158 local4.debug] => access_allowed: search access to "ou=guest,dc=nitle,dc=org" "objectClass" requested
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 592946 local4.debug] <= root access granted
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 384072 local4.debug] => access_allowed: search access granted by manage(=mwrscxd)
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 525403 local4.debug] dn_callback : new entry is older than ours ou=guest,dc=nitle,dc=org ours 20080715143748.768257Z#000000#002#000000, new 20080115212254.445224Z#000000#001#000000
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 819441 local4.debug] syncrepl_entry: rid=010 entry unchanged, ignored (ou=guest,dc=nitle,dc=org)
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 977386 local4.debug] syncrepl_entry: rid=010 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD)
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 580501 local4.debug] syncrepl_entry: rid=010 inserted UUID 3a055df6-54c8-102c-9c74-3bd710846f22
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 923158 local4.debug] => access_allowed: search access to "dc=nitle,dc=org" "entry" requested
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 592946 local4.debug] <= root access granted
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 384072 local4.debug] => access_allowed: search access granted by manage(=mwrscxd)
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 565591 local4.debug] syncrepl_entry: rid=010 be_search (0)
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 709484 local4.debug] syncrepl_entry: rid=010 uid=jbeckelm@coe.edu,ou=guest,dc=nitle,dc=org
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 923158 local4.debug] => access_allowed: search access to "dc=nitle,dc=org" "entry" requested
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 592946 local4.debug] <= root access granted
Jul 15 15:02:50 jy1nitle11.nitle.org ldap2[13468]: [ID 384072 local4.debug] => access_allowed: search access granted by manage(=mwrscxd)
(** CRASHES HERE EVERY TIME **)

conf(server2):
===========
syncrepl rid=010 provider=ldap://ldap1.site.org:389 binddn="cn=mirroracct,ou=replication,dc=nitle,dc=org" bindmethod=simple
        credentials=*** searchbase="dc=nitle,dc=org" type=refreshAndPersist scope=sub
        interval=00:00:00:10 retry="15 5 300 +" timeout=1 schemachecking=off starttls=yes

syncrepl rid=011 provider=ldap://ldap2.site.org:389 binddn="cn=mirroracct,ou=replication,dc=nitle,dc=org" bindmethod=simple
        credentials=*** searchbase="dc=nitle,dc=org" type=refreshAndPersist schemachecking=off scope=sub
        interval=00:00:00:10 retry="15 5 300 +" timeout=1 starttls=yes

overlay syncprov
serverID 2
mirrormode true


Thanks in advance!  

Sellers



++++++++++++++++++++++++++++++++++++++
Chris G. Sellers |  Internet Engineer      |   NITLE
734.661.2318 |  chris.sellers@nitle.org
Jabber: csellers@nitle.org  | AIM: imthewherd


++++++++++++++++++++++++++++++++++++++
Chris G. Sellers |  Internet Engineer      |   NITLE
734.661.2318 |  chris.sellers@nitle.org
Jabber: csellers@nitle.org  | AIM: imthewherd