[Date Prev][Date Next] [Chronological] [Thread] [Top]

About issues with syncprov configuration



Hey Guys, how are you doing ?

Well, I have the follow environment:

**Server 1:

/etc/openldap/slapd.conf ( Port 389 )
modulepath      /usr/local/openldap/lib64/
moduleload      back_ldap
moduleload      translucent
moduleload      dynlist
moduleload      back_monitor
backend         mdb
backend         ldap

allow           bind_v2
allow           bind_anon_dn

database        mdb
directory       /usr/local/openldap/var/openldap-translucent
suffix          "dc=br"
rootdn          "ZZZZZZ"
rootpw          ZZZZZZZ
maxsize         4294967296
sizelimit       100000
overlay         translucent
uri             "ldap://localhost:1389/"
translucent_bind_local on
translucent_pwmod_local on
translucent_local       XXXXX
idassert-bind   bindmethod=none

overlay dynlist
dynlist-attrset groupOfURLs memberURL member:uniqueMember

In the port 1389:
/etc/openldap/slapd-syncrepl.conf

# syncrepl directives
syncrepl  rid=0
               provider=ldap://Production_Server:389
               bindmethod=simple
               binddn="ZZZZZZZZZZZZZZZ"
               credentials=XXXXXXXXX
               searchbase="dc=br"
               logbase="cn=accesslog"
               logfilter="(&(objectClass=auditWriteObject)(reqResult=0))"
               type=refreshAndPersist
               retry="60 +"
               syncdata=accesslog

# Refer updates to the master
updateref ldap://Production_Server:389

**Server 2:

Same Configuration





Now, I need to add a new server, but without a translucent configuration, only a consumer.

So, I tried this:

modulepath      /usr/local/openldap/lib64/
moduleload      back_ldap
moduleload      translucent
moduleload      dynlist
moduleload      back_monitor
backend         mdb
backend         ldap

allow           bind_v2
allow           bind_anon_dn

# Modulos para Delta-syncrepl
modulepath /usr/local/openldap/lib64
moduleload accesslog
moduleload syncprov
moduleload dynlist

moduleload back_hdb
database hdb
suffix cn=accesslog
directory /usr/local/openldap/var/openldap-accesslog
rootdn cn=accesslog
rootpw XXXXXXXXXXXXXXXXXXXXXXXXX
checkpoint 256 30
index default eq
index entryCSN,objectClass,reqEnd,reqResult,reqStart

# Replication
overlay syncprov
syncprov-nopresent TRUE
syncprov-reloadhint TRUE

limits dn.exact="XXXXXXXX" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited

database        mdb
directory       /usr/local/openldap/var/openldap-translucent
suffix          "dc=br"

rootdn          "XXXXXXXXXXXXX"
rootpw          XXXXXXXXXXXXXXXXXXXXX
maxsize         4294967296
sizelimit       100000
checkpoint 256 30
overlay         translucent
uri             "ldap://localhost:1389/"
translucent_bind_local on
translucent_pwmod_local on
translucent_local       XXXXXXXXXXXXXXXXXXXXXXXXX
idassert-bind   bindmethod=none

overlay dynlist
dynlist-attrset groupOfURLs memberURL member:uniqueMember

# syncrepl Provider for primary db
overlay syncprov
syncprov-checkpoint 1000 60

# accesslog overlay definitions for primary db
overlay accesslog
logdb cn=accesslog
logops writes
logsuccess TRUE

logpurge 07+00:00 01+00:00



But, I got this error:

55c25369 hdb_db_open: "cn=accesslog"
55c25369 hdb_db_open: database "cn=accesslog": unclean shutdown detected; attempting recovery.
55c25369 hdb_db_open: warning - no DB_CONFIG file found in directory /usr/local/openldap/var/openldap-accesslog: (2).
Expect poor performance for suffix "cn=accesslog".
55c25369 hdb_db_open: database "cn=accesslog": recovery skipped in read-only mode. Run manual recovery if errors are encountered.
55c25369 mdb_db_open: "dc=br"
55c25369 syncprov_db_open: invalid config, lastmod must be enabled
55c25369 backend_startup_one (type=mdb, suffix="dc=br"): bi_db_open failed! (-1)
slap_startup failed (test would succeed using the -u switch)


What is wrong ?