[Date Prev][Date Next] [Chronological] [Thread] [Top]

Openldap Synch problem

Hi,

 

 

I have 2  Openldaps  that are configured for replication one is on site, the other is a remote.  They are connected via a VPN tunnel and every time there is a connection problem between the two  the replication fails, but I have to  stop the services on the remote, delete the database and start a fresh replication.   Is there a way that I can configure the remote to force it to re-synch  without having to delete the database and start all over again?

 

This is what I see in the log after connection gets re-established:

 

Nov  6 11:37:39 LDAP-TLS-2 slapd[4903]: slap_graduate_commit_csn: removing 0x1cffefb0 20131106163739.780633Z#000000#000#000000

Nov  6 11:37:50 LDAP-TLS-2 slapd[4903]: do_syncrep2: rid=006 LDAP_RES_SEARCH_RESULT

Nov  6 11:37:50 LDAP-TLS-2 slapd[4903]: do_syncrepl: rid=006 rc -2 retrying

Nov  6 11:38:28 LDAP-TLS-2 slapd[4903]: slap_queue_csn: queing 0x41d1be70 20131106163828.873440Z#000000#000#000000

Nov  6 11:38:28 LDAP-TLS-2 slapd[4903]: slap_graduate_commit_csn: removing 0x1d10d1f0 20131106163828.873440Z#000000#000#000000

Nov  6 11:38:39 LDAP-TLS-2 slapd[4903]: slap_queue_csn: queing 0x41d1c0e0 20131106163839.682221Z#000000#000#000000

Nov  6 11:38:39 LDAP-TLS-2 slapd[4903]: slap_graduate_commit_csn: removing 0x1d3f3fc0 20131106163839.682221Z#000000#000#000000

Nov  6 11:38:49 LDAP-TLS-2 slapd[4903]: slap_queue_csn: queing 0x4251ce70 20131106163849.281885Z#000000#000#000000

Nov  6 11:38:49 LDAP-TLS-2 slapd[4903]: slap_graduate_commit_csn: removing 0x1d369af0 20131106163849.281885Z#000000#000#000000

Nov  6 11:38:50 LDAP-TLS-2 slapd[4903]: do_syncrep2: rid=006 LDAP_RES_SEARCH_RESULT

Nov  6 11:38:50 LDAP-TLS-2 slapd[4903]: do_syncrepl: rid=006 rc -2 retrying.

 

 

 

This is the config of the remote for synrepl

syncrepl rid=006

  provider=ldap://192.168.19.43

  tls_cert=/etc/pki/tls/certs/ldap-tls.curry.edu.cert.pem

  tls_key=/etc/pki/tls/private/ldap-tls.curry.edu.key.pem

  tls_cacert=/etc/pki/tls/certs/cacert.pem

  tls_reqcert=demand

  searchbase="dc=curry,dc=edu"

  schemachecking=on

  timelimit=unlimited

  sizelimit=unlimited

  type=refreshAndPersist

  retry="60 +"

  keepalive=240:10:30

 

 

Thank You