Re: N-Way Master replication no contextcsn

[espeake@oreillyauto.com]

Thanks we are using 2.4.28 on ubuntu 12.04.

cn=config.ldif:

dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /var/run/slapd/slapd.args
olcPidFile: /var/run/slapd/slapd.pid
olcToolThreads: 1
olcServerID: 1 ldap://tntest-ldap-1.oreillyauto.com
olcServerID: 2 ldap://tntest-ldap-2.oreillyauto.com
structuralObjectClass: olcGlobal
entryUUID: f074a7c6-09ed-1030-9529-0bb60fbd91a8
creatorsName: cn=config
createTimestamp: 20110503162710Z
olcSecurity: simple_bind=0
olcSecurity: ssf=0
olcSecurity: tls=0
olcLocalSSF: 0
olcTLSCACertificateFile: /etc/ldap/wildcard.oreillyauto.com.crt
olcTLSCertificateFile: /etc/ldap/wildcard.oreillyauto.com.crt
olcTLSCertificateKeyFile: /etc/ldap/wildcard.oreillyauto.com.key
olcIdleTimeout: 30
olcLogFIle: /var/log/slapd/ldapsync
olcLogLevel: 16384
entryCSN: 20110616153436.707254Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20110616153436Z

olcDatabase{0}config.ldif

dn: olcDatabase={0}config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcRootDN: cn=admin,cn=config
olcRootPW: secret
structuralObjectClass: olcDatabaseConfig
olcsyncrepl: {0}rid=001 provider=ldap://tntest-ldap-1.oreillyauto.com
uri="ldap://tntest-ldap-1.oreillyauto.com"; type=refreshAndPersist retry="5
+" searchbase="cn=config" bindmethod=simple binddn="cn=admin,cn=config"
credentials=<password>
olcsyncrepl: {1}rid=002 provider=ldap://tntest-ldap-2.oreillyauto.com
uri="ldap://tntest-ldap-2.oreillyauto.com"; type=refreshAndPersist retry="5
+" searchbase="cn=config" bindmethod=simple binddn="cn=admin,cn=config"
credentials=<password>
olcMirrorMode: TRUE
olcAccess: to * by dn="uid=admin,dc=oreillyauto,dc=com" write by
dn="uid=ldapadmin,ou=system,dc=oreillyauto,dc=com" write by * none
entryUUID: f074ba7c-09ed-1030-952b-0bb60fbd91a8
creatorsName: cn=config
createTimestamp: 20110503162710Z
entryCSN: 20110503162710.319234Z#000000#000#000000
modifiersName: cn=config
ModifyTimestamp: 20110503162710Z

olcDatabase{1}hdb.ldif

olcDbIndex: uid eq
olcDbIndex: oreillyGroup eq
olcDbIndex: locationEntry eq
olcDbIndex: counterNumber eq
olcDbIndex: businessCategory eq
olcDbIndex: locationNumber eq
olcDbIndex: position eq
olcDbIndex: title eq,subany
olcDbIndex: givenName eq,subany
olcDbIndex: functionListing eq
olcDbIndex: manager eq
olcDbIndex: sn eq,subany
olcDbIndex: nickName eq,subany
olcDbIndex: employeeNumber eq
olcDbIndex: ou eq
olcDbIndex: entryUUID eq
olcDbIndex: supervisor eq
olcDbIndex: entryCSN eq
olcSyncRepl: {0}rid=004 provider=ldap://tntest-ldap-1.oreillyauto.com
uri="ldap://tntest-ldap-1.oreillyauto.com"; bindmethod=simple
binddn="uid=admin,dc=oreillyauto,dc=com"
credentials=<password>searchbase="dc=oreillyauto,dc=com"
logbase="cn=accesslog" type refreshAndPersist retry="50 +"
olcSyncRepl: {1}rid=005 provider=ldap://tntest-ldap-2.oreillyauto.com
uri="ldap://tntest-ldap-2.oreillyauto.com"; bindmethod=simple
binddn="uid=admin,dc=oreillyauto,dc=com"
credentials=<password>searchbase="dc=oreillyauto,dc=com"
logbase="cn=accesslog" type refreshAndPersist retry="50 +"
olcMirrorMode: TRUE
olcDbLinearIndex: FALSE
olcDbMode: 0600
olcDbSearchStack: 16
olcDbShmKey: 0
olcDbCacheFree: 1
olcDbDNcacheSize: 0
structuralObjectClass: olcHdbConfig
entryUUID: 5d3c8434-0acd-1030-95eb-4165b688bcbf
creatorsName: cn=config
createTimestamp: 20110504190630Z
olcLimits: {0}dn.exact="uid=admin,ou=System,dc=oreillyauto,dc=com" time.so
 ft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited
olcLimits: {1}dn.exact="uid=readOnlyUser,ou=System,dc=oreillyauto,dc=com"
time
 .soft=unlimited time.hard=unlimited size.soft=unlimited
size.hard=unlimited
olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by
anonymous auth by dn="uid=admin,dc=oreillyauto,dc=com" write by
dn="uid=ldapadmin,ou-system,dc=oreillyauto,dc=com" read by * none
olcAccess: {1}to dn.subtree="dc=oreillyauto,dc=com" by
group/groupOfUniqueName
 s/uniqueMember="cn=System Administrators,ou=Groups,dc=oreillyauto,dc=com"
wri
 te by group/groupOfUniqueNames/uniqueMember="cn=LDAP
Admin,ou=Groups,dc=oreil
 lyauto,dc=com" write by * none break
olcAccess: {2}to attrs=userPassword by
group/groupOfUniqueNames/uniqueMember="
 cn=Authenticate,ou=Groups,dc=oreillyauto,dc=com" write by anonymous auth
by s
 elf write
olcAccess: {3}to attrs=uid by anonymous read by users read
olcAccess: {4}to attrs=ou,employeeNumber by users read
olcAccess: {5}to dn.subtree="ou=System,dc=oreillyauto,dc=com" by
dn.subtree="o
 u=Users,dc=oreillyauto,dc=com" none by users read
olcAccess: {6}to dn.children="ou=Groups,dc=oreillyauto,dc=com" by
dnattr=owner
  write by dnattr=uniqueMember read by * none
olcAccess: {7}to dn.children="ou=Users,dc=oreillyauto,dc=com" by self read
by

group/groupOfUniqueNames/uniqueMember="cn=Authenticate,ou=Groups,dc=oreillyau
 to,dc=com" read by * none
olcAccess: {8}to * by self read by users read
entryCSN: 20110915141524.047299Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20110915141524Z

olcDatabase{-1}frontend.ldif

dn: olcDatabase={-1}frontend
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcSizeLimit: 500
olcSecurity: ssf=0
olcSecurity: tls=0
olcSecurity: update_ssf=0
olcSecurity: simple_bind=0
structuralObjectClass: olcDatabaseConfig
entryUUID: f074b130-09ed-1030-952a-0bb60fbd91a8
creatorsName: cn=config
createTimestamp: 20110503162710Z
entryCSN: 20110503162710.318995Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20110503162710Z

The file metioned in the srror looks like this.

dn: olcOverlay={4}syncprov
objectClass: olcSyncProvConfig
objectClass: olcOverlayConfig
objectClass: olcConfig
objectClass: top
olcOverlay: {4}syncprov
olcSpNoPresent: TRUE
olcSpReloadHint: TRUE
structuralObjectClass: olcSyncProvConfig
entryUUID: 1b49aa46-263b-1030-8326-f98fc9d5aed6
creatorsName: cn=admin,cn=config
createTimestamp: 20110608165005Z
entryCSN: 20110608165005.984980Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20110608165005Z

I need to be able to sync both schema and data in this instance.  Thank you
for your help.

Eric Speake
Web Systems Administrator
O'Reilly Auto Parts



From:	Quanah Gibson-Mount <quanah@zimbra.com>
To:	espeake@oreillyauto.com, openldap-technical@openldap.org
Date:	07/26/2013 04:44 PM
Subject:	Re: N-Way Master replication no contextcsn
Sent by:	openldap-technical-bounces@OpenLDAP.org



--On Friday, July 26, 2013 4:18 PM -0500 espeake@oreillyauto.com wrote:

>
> Trying a different method of replication to suit or need and I set up two
> test servers for n-way master mirroring servers.  Both servers have the
> same configuration being fed to them through puppet.  In the logs I can
> see them bind and check cookies but I get CSN too old, ignoring
> 20110608165005.984980Z#000000#000#000000 (olcOverlay=
> {4}syncprov,olcDatabase={1}hdb,cn=config)  THen the last slapd entry in
> the log is rid=002
> cookie=rid=002,sid=002,csn=20110915141524.047299Z#000000#000#000000 and
> then nothing else happens.  If I make a change to user it never syncs to
> the other server.
>
> At this point I don't know what to look at or what you might want to look
> at to help diagnose the problem.  I followed the documentation in the
> admin guide to set this up.

Please start by providing your OpenLDAP version.  It would also be useful
for you to provide your replication configuration between the two servers
(minus passwords).

--Quanah

--

Quanah Gibson-Mount
Lead Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration


--
This message has been scanned for viruses and dangerous content,
and is believed to be clean.
  Message id: C7650600A36.ADE2D




This communication and any attachments are confidential, protected by Communications Privacy Act 18 USCS § 2510, solely for the use of the intended recipient, and may contain legally privileged material. If you are not the intended recipient, please return or destroy it immediately. Thank you.