[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: number of contextcsn entries per database



PJunod@mediageneral.com wrote:
I have setup two ldap servers for authentication and access control in a
multi-master configuration. I am concerned about the number of contextcsn
entries that are supposed to be present in each database. Right now there are
two servers participating in the multi-master configuration. From my
understanding, there should be one contextCSN entry per database per host. My
cn=config database has two contextCSN entries as I would expect. One for each
syncrepl rid configured. My bdb database only has one contextCSN entry though,
with an rid of just “000”. (my rid’s are 001, 002, 101, and 102)

ContextCSN is an attribute. Attributes have values, they do not have entries.

CSNs carry SIDs not RIDs.

If you don't use the correct terminology no one will understand what you're talking about.

If a database contains changes from more than one server, then its contextCSN should contain more than one value, and each value should have distinct SIDs. But the SIDs will only be used correctly if the URLs in the ServerID directive match the actual URLs given to the slapd -h option.

Replication seems to work fine on both databases. I can write to either one
and the changes are replicated over immediately. I am just curious about this
discrepancy in the number of contextCSN entries. Could someone confirm the
number of contextCSN entries per database and if it should match the number of
hosts participating in the multi-master replication? Here are some relevant
settings for the replication:

dn: cn=config

olcServerID: 1 ldap://<server1>

olcServerID: 2 ldap://<server2>

#######################

# module{0}, config

dn: cn=module{0},cn=config

objectClass: olcModuleList

cn: module{0}

olcModulePath: /usr/lib64/openldap2.4

olcModuleLoad: {0}syncprov.la

#######################

# {0}config, config

dn: olcDatabase={0}config,cn=config

olcSyncrepl: {0}rid=001 provider=ldap://<server1> binddn="cn=Ma

nager,cn=config" bindmethod=simple credentials=<password> searchbase="cn=config

" type=refreshAndPersist retry="5 500 5 +" timeout=1 starttls=yes

olcSyncrepl: {1}rid=002 provider=ldap://<server2> binddn="cn=Ma

nager,cn=config" bindmethod=simple credentials=<password> searchbase="cn=config

" type=refreshAndPersist retry="5 500 5 +" timeout=1 starttls=yes

olcMirrorMode: TRUE

#######################

# {0}syncprov, {0}config, config

dn: olcOverlay={0}syncprov,olcDatabase={0}config,cn=config

objectClass: olcOverlayConfig

objectClass: olcSyncProvConfig

olcOverlay: {0}syncprov

#######################

# {1}bdb, config

dn: olcDatabase={1}bdb,cn=config

olcSyncrepl: {0}rid=101 provider=ldap://<server1> binddn="cn=Ma

nager,dc=mgcorp,dc=net" bindmethod=simple credentials=<password> searchbase="dc

=mgcorp,dc=net" type=refreshAndPersist interval=00:00:00:10 retry="5 500 5 +"

timeout=1 starttls=yes

olcSyncrepl: {1}rid=102 provider=ldap://<server2> binddn="cn=Ma

nager,dc=mgcorp,dc=net" bindmethod=simple credentials=<password> searchbase="dc

=mgcorp,dc=net" type=refreshAndPersist interval=00:00:00:10 retry="5 500 5 +"

timeout=1 starttls=yes

olcMirrorMode: TRUE

##############################

Here are the results of searches for contextCSN in cn=config and dc=mgcorp,dc=net:

ldapsearch -x -W -s base -D "cn=Manager,cn=config" -h "<server2>" -b
"cn=config" contextCSN

contextCSN: 20101110214932.998233Z#000000#000#000000

contextCSN: 20101028121213.444193Z#000000#001#000000

ldapsearch -x -W -s base -D "cn=Manager,dc=mgcorp,dc=net" -h "<server2>" -b
"dc=mgcorp,dc=net" contextCSN

contextCSN: 20101110213409.736943Z#000000#000#000000



--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/