[Date Prev][Date Next] [Chronological] [Thread] [Top]

Openldap 2.3 syncrepl filter problem

To: openldap-technical@openldap.org
Subject: Openldap 2.3 syncrepl filter problem
From: Lanfeust troy <lanfeust99@gmail.com>
Date: Thu, 25 Jun 2009 15:56:09 +0200
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type; bh=9VHtIyTFk7cEHIGAd47wVJlFxOTPOgO9PI0Rhd1uNzo=; b=HFjnuLZhgIe3LJyZEy6yHd5DBafn98Va/+TqziZiNVc8ObiEfibvi9ZsMPZtlxMmj6 77N/qhLKT2MFgdu33LBSji7Tyd7NS1kTRJnaA51ioH6XgV9Mf0+G62JRB7EHlfYsZc14 J7RhaOE8vnZSUPuUKKfO+wYG3y2JPeJg1yBIs=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=E79e9cEp/dLeZU0vdpx2IJYRvE/gqjIO1Qf/GUVz8CM3aHQJ2+UME6f8sr0/vrbcC9 0wGkwk9QlCWbd6TL2FxAH1HIGQchShx5nDiqifPtqGc/N4//j8yyRMsJcJbR/SzcZJTB NAX+sXe9X81ZdCU8gahzzau3OX2f81ULUSmzo=

Hi list,

In configuration of provider and consumer server with syncrepl is possible to modify the replication filter for add new user in replica.

In fisrt time the replica is :

syncrepl rid=123
        provider=ldap://rh-test3.kvm.rla:389
        type=refreshOnly
        interval=00:00:01:00
        retry="30 10 600 20"
        searchbase="dc=local"
        filter="(|(objectClass=sambaGroupMapping)(uid=user1))"
        scope=sub
        schemachecking=off
        bindmethod=simple
        binddn="uid=syncrepl,ou=sysusers,dc=local"
        credentials=pwdsyncrepl
        # BEGIN Session TLS
        starttls="critical"
        tls_cacert=__CACERTFILE__
        # End Session TLS

When start the replica server it doing an ldapsearch and retrieve my data in replica.

So now we modify the filter as the following :
filter="(|(objectClass=sambaGroupMapping)(uid=user1)(uid=user2))"

Now when the replica doing the ldapsearch request it do with the new filter but returning numentrie to 0
like this in the log of master LDAP server:

Jun 24 22:40:40 rh-test3 slapd[28012]: conn=83 op=1 BIND dn="uid=syncrepl,ou=sysusers,dc=local" mech=SIMPLE ssf=0
Jun 24 22:40:40 rh-test3 slapd[28012]: conn=83 op=1 RESULT tag=97 err=0 text=
Jun 24 22:40:40 rh-test3 slapd[28012]: conn=83 op=2 SRCH base="dc=local" scope=2 deref=0 filter="(|(objectClass=sambaGroupMapping)(uid=user1)(uid=user2))"
Jun 24 22:40:40 rh-test3 slapd[28012]: conn=83 op=2 SRCH attr=* +
Jun 24 22:40:40 rh-test3 slapd[28012]: conn=83 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=

And when i do ldapsearch manually :

ldapsearch -x -b dc=local -H ldap://rh-test3.kvm.rla "(|(objectClass=sambaGroupMapping)(uid=user1)(uid=user2))"

Jun 24 23:40:38 rh-test3 slapd[28012]: conn=133 op=1 BIND dn="" method=128
Jun 24 23:40:38 rh-test3 slapd[28012]: conn=133 op=1 RESULT tag=97 err=0 text=
Jun 24 23:40:38 rh-test3 slapd[28012]: conn=133 op=2 SRCH base="dc=local" scope=2 deref=0 filter="(|(objectClass=sambaGroupMapping)(uid=user1)(uid=user2))"
Jun 24 23:40:38 rh-test3 slapd[28012]: conn=133 op=2 SEARCH RESULT tag=101 err=0 nentries=13 text=

I don't understand why my new user is not sync !!

thanks for your help,

Prev by Date: Re: OpenLDAP Mirror Mode configuration
Next by Date: Re: ldap auth from external application
Index(es):
- Chronological
- Thread