
Multi Master syncrepl issue



Hello,
This is my first post to this list and unfortunately I come here with a problem. I'm not new to LDAP but I am new to OpenLDAP especially the 2.4 release. 
I am trying to get multi master replication working and I've read the documentation several times. I did wonder if this might be a bug but I still think it's probably a misunderstanding on my part.

I have 2 servers configured for multi master replication which I will refer to as server A and B. If I start both servers I can make changes on server A which are immediately replicated to server B. However if I then start making changes to server B I don't see replication back to A. The same thing happens if I initiate replication from B, then replication to A works but not the other way around. i.e. replication only works in 1 direction which is determined by which server I make changes on first. I am using slapd.conf as I didn't want to complicate matters by introducing online config. The specific version is 2.4.31. Connectivity between the servers is working fine - I can perform LDAP operations in both directions.
If someone could take a look at my config I'd much appreciate it. 

Thanks
Neil


#slapd.conf Server A (10.5.1.110)
# Global directives for server A: runtime files, schema and loadable modules.
# slapd treats a line that begins with white space as a continuation of the
# previous line, so every comment here sits above a directive, never inside one.

# Files slapd writes at startup: its process ID and its command-line arguments.
pidfile                 /usr/local/openldap/var/run/slapd.pid
argsfile                /usr/local/openldap/var/run/slapd.args

# Schema definitions, loaded before any database is declared.
include                 /usr/local/openldap/etc/schema/core.schema
include                 /usr/local/openldap/etc/schema/cosine.schema
include                 /usr/local/openldap/etc/schema/solaris.schema
include                 /usr/local/openldap/etc/schema/inetorgperson.schema
include                 /usr/local/openldap/etc/schema/DUAConfigProfile.schema
include                 /usr/local/openldap/etc/schema/sudo.schema

# Module directory and the sync provider module. Loading the module only makes
# the overlay available; the "overlay syncprov" line in the database section is
# what attaches it to the database.
modulepath              /usr/local/openldap/libexec
moduleload              syncprov.la

# Access rules declared before the first "database" directive, so they apply
# globally. Within one rule slapd tests the "by" clauses top to bottom and stops
# at the first clause that matches the requester.
# NOTE(review): "by * auth" matches every identity, so the ldapclient clause
# listed after it is never reached and that DN ends up with auth, not write.
# If write access for ldapclient is intended, put its clause before "by * auth".
access to attrs=userPassword
        by self write
        by * auth
        by dn="cn=ldapclient,ou=profile,dc=example,dc=com" write

# The root DSE (empty base DN) is readable by everyone.
access to dn.base=""
        by * read

# Catch-all rule for everything the rules above did not match.
# NOTE(review): "by anonymous read" lets unauthenticated clients read every
# entry and attribute except userPassword; confirm that is intended for a tree
# that loads the sudo and account schemas.
# NOTE(review): "by self write" lets an entry modify all of its own attributes.
# If entries carry account attributes such as uidNumber (indexed in the database
# section), an account could change its own identity data; consider restricting
# self-write to a named attribute list.
access to *
        by self write
        by users read
        by anonymous read

# Identifier of this server in the multi-master setup. It must be different on
# every master; the server B listing uses 2.
serverID                1

# Back-hdb database that holds the dc=example,dc=com tree.
database                hdb
suffix                  "dc=example,dc=com"
# The rootdn is not subject to the access rules.
rootdn                  "cn=Manager,dc=example,dc=com"
# NOTE(review): this {SSHA} (salted SHA-1) hash is published in the post and is
# the same on both servers. A published hash can be tested offline, so the
# password behind it should be replaced before the config is used for real.
rootpw                  {SSHA}pnqaqMcoMhnDbSRa9WAgDbhBMr/QnUGY
# Maintain the modification-tracking operational attributes on entries.
lastmod                 on

# On-disk location of the database files.
directory               /usr/local/openldap/var/openldap-data

# Equality indexes; entryCSN and entryUUID are the ones syncrepl searches on.
index                   objectclass,uid,uidNumber,memberUid,entryCSN,entryUUID,automountKey eq
index                   cn,sn,gn,mail   eq,sub

# Consumer side: pull changes from server B (10.7.82.3) with a persistent
# search, requesting all user ("*") and operational ("+") attributes.
# NOTE(review): an ldap:// provider with bindmethod=simple and no starttls
# sends the bind password and all replicated data, userPassword hashes
# included, in clear text. Prefer starttls=critical with tls_cacert, or an
# ldaps:// provider, and keep this file readable only by the account slapd
# runs as, since it stores a credential.
# NOTE(review): binddn is the rootdn (DN comparison ignores case), which
# bypasses access control. A dedicated replication identity with read access to
# the tree limits what a leaked credential can do.
syncrepl rid=001
        provider=ldap://10.7.82.3
        type=refreshAndPersist
        searchbase="dc=example,dc=com"
        attrs="*,+"
        bindmethod=simple
        binddn="cn=manager,dc=example,dc=com"
        credentials="secret"

# Accept client writes here even though this database is also a consumer.
mirrormode              TRUE

# Provider side: serve changes to the peer. Checkpoint the contextCSN after
# 100 operations or 10 minutes, and keep a session log of 100 write operations.
overlay                 syncprov
syncprov-checkpoint     100 10
syncprov-sessionlog     100
#######################################################

#slapd.conf server B (10.7.82.3)
# Global directives for server B: runtime files, schema and loadable modules.
# slapd treats a line that begins with white space as a continuation of the
# previous line, so every comment here sits above a directive, never inside one.

# Files slapd writes at startup: its process ID and its command-line arguments.
pidfile                 /usr/local/openldap/var/run/slapd.pid
argsfile                /usr/local/openldap/var/run/slapd.args

# Schema definitions, loaded before any database is declared.
include                 /usr/local/openldap/etc/schema/core.schema
include                 /usr/local/openldap/etc/schema/cosine.schema
include                 /usr/local/openldap/etc/schema/solaris.schema
include                 /usr/local/openldap/etc/schema/inetorgperson.schema
include                 /usr/local/openldap/etc/schema/DUAConfigProfile.schema
include                 /usr/local/openldap/etc/schema/sudo.schema


# Directory slapd searches for loadable modules.
modulepath              /usr/local/openldap/libexec

# Sync provider module. Loading it only makes the overlay available; the
# "overlay syncprov" line in the database section attaches it to the database.
moduleload              syncprov.la


# Access rules declared before the first "database" directive, so they apply
# globally. Within one rule slapd tests the "by" clauses top to bottom and stops
# at the first clause that matches the requester.
# NOTE(review): "by * auth" matches every identity, so the ldapclient clause
# listed after it is never reached and that DN ends up with auth, not write.
# If write access for ldapclient is intended, put its clause before "by * auth".
access to attrs=userPassword
        by self write
        by * auth
        by dn="cn=ldapclient,ou=profile,dc=example,dc=com" write

# The root DSE (empty base DN) is readable by everyone.
access to dn.base=""
        by * read

# Catch-all rule for everything the rules above did not match.
# NOTE(review): "by anonymous read" lets unauthenticated clients read every
# entry and attribute except userPassword; confirm that is intended for a tree
# that loads the sudo and account schemas.
# NOTE(review): "by self write" lets an entry modify all of its own attributes.
# If entries carry account attributes such as uidNumber (indexed in the database
# section), an account could change its own identity data; consider restricting
# self-write to a named attribute list.
access to *
        by self write
        by users read
        by anonymous read

# Identifier of this server in the multi-master setup. It must be different on
# every master; the server A listing uses 1.
serverID                2

# Back-hdb database that holds the dc=example,dc=com tree.
database                hdb
suffix                  "dc=example,dc=com"
# The rootdn is not subject to the access rules.
rootdn                  "cn=Manager,dc=example,dc=com"
# NOTE(review): this {SSHA} (salted SHA-1) hash is published in the post and is
# the same on both servers. A published hash can be tested offline, so the
# password behind it should be replaced before the config is used for real.
rootpw                  {SSHA}pnqaqMcoMhnDbSRa9WAgDbhBMr/QnUGY
# Maintain the modification-tracking operational attributes on entries.
lastmod                 on

# On-disk location of the database files.
directory               /usr/local/openldap/var/openldap-data

# Equality indexes; entryCSN and entryUUID are the ones syncrepl searches on.
index                   objectclass,uid,uidNumber,memberUid,entryCSN,entryUUID,automountKey eq
index                   cn,sn,gn,mail   eq,sub

# Consumer side: pull changes from server A (10.5.1.110) with a persistent
# search, requesting all user ("*") and operational ("+") attributes.
# NOTE(review): an ldap:// provider with bindmethod=simple and no starttls
# sends the bind password and all replicated data, userPassword hashes
# included, in clear text. Prefer starttls=critical with tls_cacert, or an
# ldaps:// provider, and keep this file readable only by the account slapd
# runs as, since it stores a credential.
# NOTE(review): binddn is the rootdn (DN comparison ignores case), which
# bypasses access control. A dedicated replication identity with read access to
# the tree limits what a leaked credential can do.
syncrepl rid=001
        provider=ldap://10.5.1.110
        type=refreshAndPersist
        searchbase="dc=example,dc=com"
        attrs="*,+"
        bindmethod=simple
        binddn="cn=manager,dc=example,dc=com"
        credentials="secret"

# Accept client writes here even though this database is also a consumer.
mirrormode              TRUE

# Provider side: serve changes to the peer. Checkpoint the contextCSN after
# 100 operations or 10 minutes, and keep a session log of 100 write operations.
overlay                 syncprov
syncprov-checkpoint     100 10
syncprov-sessionlog     100
#######################################################