[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: N-way multimaster error code 53 - shadow context

To: openldap-technical@openldap.org
Subject: Re: N-way multimaster error code 53 - shadow context
From: Adrien Futschik <adrien.futschik@atosorigin.com>
Date: Thu, 19 Feb 2009 12:00:55 +0100
Cc: Jonathan Clarke <jclarke@linagora.com>
Content-disposition: inline
In-reply-to: <499D36B8.20001@linagora.com>
Organization: Atos Origin
References: <200902191036.37816.adrien.futschik@atosorigin.com> <499D36B8.20001@linagora.com>
User-agent: KMail/1.11.0 (Linux/2.6.27.15-170.2.24.fc10.i686.PAE; KDE/4.2.0; i686; ; )

Le jeudi 19 février 2009 11:38:48, Jonathan Clarke a écrit :
> On 19.02.2009 10:36, Adrien Futschik wrote:
> > Hy !
> >
> > it's me again :)
>
> Hi again Adrien ;)
>
> > I am still testing n-way multi master replication with OpenLDAP 2.4.14. I
> > don't know why I could modify my olcSyncrepl attribute from my data bdb.
> >
> > I am binding with cn=config, and I can modify the olcSyncrepl attribute
> > from olcDatabase={0}config, but not from olcDatabase={1}bdb !
> >
> > I am getting this error :
> > 08:57:25: Failed to update entry olcDatabase={1}bdb, cn=config
> > Reason: [LDAP: error code 53 - shadow context; no update referral]
> >
> > This appends on both masters. Is this supposed to be like that ? I have
> > configured cn=config to replicate, this should work right ?
>
> When you configure a database with syncrepl replication, it is marked as
> a shadow context. This makes sense for the general case when a database
> is a "slave" of a master server. Trying to update a shadowed database
> will return the "shadow context; no update referral" error, unless a
> "updateref" is set on that DB.
>
> However, if you're using multi-master, and have set mirrormode on, this
> should no longer be the case, and all updates will be accepted.
>
> So you should check:
> 1) That mirrormode is on
> 2) That your slapd listeners match your syncrepl providers, as I
> suggested in another thread
>
> If this is all the case, please give us your configuration, and tell us
> what operations you do that lead to this situation.
>
> Regards,
> Jonathan

I have been doing some more tests :
I have removed all olcSyncrepl attributes from olcDatabase={1}bdb and
recreated them and here is what netstat showed me :
[webadm@ntrsz00o scripts]$ netstat -a |grep 9011 | grep ntr.edfgdf; netstat -a 
|grep 9012 |grep ntr.edfgdf
tcp        0      0 ntrsz00o:60409              ntrs000n.ntr.edfgdf.fr:9011 
ESTABLISHED                   
tcp        0      0 ntrsz00o:9012               ntrs000n.ntr.edfgdf.f:43952 
ESTABLISHED                   
tcp        0      0 ntrsz00o:9012               ntrs000n.ntr.edfgdf.f:37855 
ESTABLISHED                   
tcp        0      0 ntrsz00o:9012               ntrs000n.ntr.edfgdf.f:48601 
ESTABLISHED

in normal situation it should look like this :
tcp        0      0 ntrsz00o:55428              ntrs000n.ntr.edfgdf.fr:9011 
ESTABLISHED
tcp        0      0 ntrsz00o:55429              ntrs000n.ntr.edfgdf.fr:9011 
ESTABLISHED
tcp        0      0 ntrsz00o:9012               ntrs000n.ntr.edfgdf.f:38341 
ESTABLISHED
tcp        0      0 ntrsz00o:9012               ntrs000n.ntr.edfgdf.f:38340 
ESTABLISHED

The replication doen't work anymore. When I try to update an entry, I am 
always getting this message  :
11:31:04: Failed to update entry cn=M2client2@laposte.net, ou=clients, o=edf, 
c=fr
Reason: [LDAP: error code 53 - shadow context; no update referral]

Whether I am trying to update on M1 or M2 doesn't matter. The only way I could 
get things back to normal, was to restart M1 & M2 (not sure restarting M2 was 
necessary)

Here is my configuration (sorry if it is hard to read):
M1 :
/appli/projects/m1/openldap_2.4.14/conf/slapd.d/cn=config.ldif
dn: cn=config
objectClass: olcGlobal
cn: config
structuralObjectClass: olcGlobal
entryUUID: 7d0731dd-547a-4b58-955a-c597dbbfbea7
creatorsName: cn=config
createTimestamp: 20090219091451Z
olcServerID: 1 ldap://163.106.38.90:9011/
olcServerID: 2 ldap://163.106.38.92:9012/
entryCSN: 20090219091452.602209Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20090219091452Z
contextCSN: 20090219103440.107501Z#000000#001#000000
contextCSN: 20090219103305.835740Z#000000#002#000000

/appli/projects/m1/openldap_2.4.14/conf/slapd.d/cn=config/olcDatabase={0}config.ldif
dn: olcDatabase={0}config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcRootPW:: e1NTSEF9MXR3c0g3UXlManFFUzQxYVZGUW9lcWdRY0JKaVhnblk=
structuralObjectClass: olcDatabaseConfig
entryUUID: 6b585f67-6b76-45df-a1f8-adc962b0a2fe
creatorsName: cn=config
createTimestamp: 20090219091451Z
olcSyncrepl: {0}rid=001 provider=ldap://163.106.38.90:9011/ binddn="cn=config"
  bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndP
 ersist retry="5 5 300 2" timeout=3
olcSyncrepl: {1}rid=002 provider=ldap://163.106.38.92:9012/ binddn="cn=config"
  bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndP
 ersist retry="5 5 300 2" timeout=3
olcMirrorMode: TRUE
entryCSN: 20090219094438.413960Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20090219094438Z

/appli/projects/m1/openldap_2.4.14/conf/slapd.d/cn=config/olcDatabase={1}bdb.ldif
dn: olcDatabase={1}bdb
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: {1}bdb
olcDbDirectory: ./openldap-data
olcSuffix: c=fr
olcRootDN: cn=admin,c=fr
olcRootPW:: e1NTSEF9MXR3c0g3UXlManFFUzQxYVZGUW9lcWdRY0JKaVhnblk=
olcMirrorMode: TRUE
olcDbIndex: default pres,eq
olcDbIndex: cn,sn pres,eq,sub
olcDbIndex: objectClass,entryCSN,entryUUID,seeAlso eq
olcDbIndex: mail,givenName,uid pres,eq,sub
structuralObjectClass: olcBdbConfig
entryUUID: f4e1cd2c-8db0-4d47-86a7-5a7231e19914
creatorsName: cn=config
createTimestamp: 20090219091458Z
olcSyncrepl: {0}rid=004 provider=ldap://163.106.38.90:9011/ binddn="cn=admin,c
 =fr" bindmethod=simple credentials=secret searchbase="c=fr" type=refreshAndPe
 rsist retry="5 5 300 2" timeout=3
olcSyncrepl: {1}rid=005 provider=ldap://163.106.38.92:9012/ binddn="cn=admin,c
 =fr" bindmethod=simple credentials=secret searchbase="c=fr" type=refreshAndPe
 rsist retry="5 5 300 2" timeout=3
entryCSN: 20090219103440.107501Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20090219103440Z

M2 :
/appli/projects/m2/openldap_2.4.14/conf/slapd.d/cn=config.ldif
dn: cn=config
objectClass: olcGlobal
cn: config
structuralObjectClass: olcGlobal
entryUUID: 7cf95e72-e15a-47b8-923f-bb1910b26bb1
creatorsName: cn=config
createTimestamp: 20090219091456Z
olcServerID: 1 ldap://163.106.38.90:9011/
olcServerID: 2 ldap://163.106.38.92:9012/
entryCSN: 20090219091457.428606Z#000000#002#000000
modifiersName: cn=config
modifyTimestamp: 20090219091457Z
contextCSN: 20090219103440.107501Z#000000#001#000000
contextCSN: 20090219103305.835740Z#000000#002#000000

/appli/projects/m2/openldap_2.4.14/conf/slapd.d/cn=config/olcDatabase={0}config.ldif
dn: olcDatabase={0}config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcRootPW:: e1NTSEF9MXR3c0g3UXlManFFUzQxYVZGUW9lcWdRY0JKaVhnblk=
entryUUID: 6b585f67-6b76-45df-a1f8-adc962b0a2fe
createTimestamp: 20090219091451Z
olcSyncrepl: {0}rid=001 provider=ldap://163.106.38.90:9011/ binddn="cn=config"
  bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndP
 ersist retry="5 5 300 2" timeout=3
olcSyncrepl: {1}rid=002 provider=ldap://163.106.38.92:9012/ binddn="cn=config"
  bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndP
 ersist retry="5 5 300 2" timeout=3
olcMirrorMode: TRUE
structuralObjectClass: olcDatabaseConfig
creatorsName: cn=config
entryCSN: 20090219094438.413960Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20090219094438Z

/appli/projects/m2/openldap_2.4.14/conf/slapd.d/cn=config/olcDatabase={1}bdb.ldif
dn: olcDatabase={1}bdb
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: {1}bdb
olcDbDirectory: ./openldap-data
olcSuffix: c=fr
olcRootDN: cn=admin,c=fr
olcRootPW:: e1NTSEF9MXR3c0g3UXlManFFUzQxYVZGUW9lcWdRY0JKaVhnblk=
olcMirrorMode: TRUE
olcDbIndex: default pres,eq
olcDbIndex: cn,sn pres,eq,sub
olcDbIndex: objectClass,entryCSN,entryUUID,seeAlso eq
olcDbIndex: mail,givenName,uid pres,eq,sub
structuralObjectClass: olcBdbConfig
entryUUID: f4e1cd2c-8db0-4d47-86a7-5a7231e19914
creatorsName: cn=config
createTimestamp: 20090219091458Z
olcSyncrepl: {0}rid=004 provider=ldap://163.106.38.90:9011/ binddn="cn=admin,c
 =fr" bindmethod=simple credentials=secret searchbase="c=fr" type=refreshAndPe
 rsist retry="5 5 300 2" timeout=3
olcSyncrepl: {1}rid=005 provider=ldap://163.106.38.92:9012/ binddn="cn=admin,c
 =fr" bindmethod=simple credentials=secret searchbase="c=fr" type=refreshAndPe
 rsist retry="5 5 300 2" timeout=3
entryCSN: 20090219103440.107501Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20090219103440Z


Thanks in advance for your support,

Adrien

Follow-Ups:
- Re: N-way multimaster error code 53 - shadow context
  - From: Jonathan Clarke <jclarke@linagora.com>

References:
- N-way multimaster error code 53 - shadow context
  - From: Adrien Futschik <adrien.futschik@atosorigin.com>
- Re: N-way multimaster error code 53 - shadow context
  - From: Jonathan Clarke <jclarke@linagora.com>

Prev by Date: Re: N-way multimaster error code 53 - shadow context
Next by Date: RE: Usermod problems with ldap
Index(es):
- Chronological
- Thread