[Date Prev][Date Next] [Chronological] [Thread] [Top]

overlay unique

To: OpenLDAP Technical <openldap-technical@openldap.org>
Subject: overlay unique
From: "A. Schulze" <sca@andreasschulze.de>
Date: Tue, 14 May 2019 20:03:24 +0200
Content-language: en-US
Dkim-signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=andreasschulze.de; i=@andreasschulze.de; q=dns/txt; s=ed25519; t=1557857003; h=to : from : subject : message-id : date : mime-version : content-type : content-transfer-encoding : from; bh=uqmEYm3DFOjz7A/0Ca7Ba/sEDIzEGAE2DK33SX8XBeA=; b=22tIZ4JfjiLnnSeEGV3VRd23aKv74/Bg7UhUXI85ceHmzDBjdEG3y/pq V3D2kZfhyxyRIUtGaz/AEHkmtz7BDw==
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=andreasschulze.de; s=201903-A9C5ADDF; t=1557857003; x=1562857003; bh=uqmEYm3DFOjz7A/0Ca7Ba/sEDIzEGAE2DK33SX8XBeA=; h=To:From:Subject:Message-ID:Date:MIME-Version:Content-Type: Content-Transfer-Encoding:autocrypt:cc:content-transfer-encoding: content-type:date:from:in-reply-to:message-id:mime-version:openpgp: references:subject:to; b=J8dRFh1+gaa0AthdSN5TYuhjBkV1z7/xF26vljekJF/mtWBNfUt9yp7y+SMMz9d3Q AZSKbFyMTrLj/agAEUaVTO9xhG4Rq751tvSJ0lkcgWaTJ/1liyEmDOyrPpUrzZWbdW PbYoVDfQJ3O659rxNtb1qffMQ3sAG4xmi2BOeMNEy58sbop3lGjfkU5RfBrTXOhV+k k2dPLkc3zdXLOObptIFNFiGKcGoTRleVPgvTUao52Mr08laefUADvbAo/BC1/L+CE3 Qx1g1tpi1GT/LOeJJAm6+jtqE6rKAadwqEmotif60ucscp/XBZCY3gVOwJX4uWTOii 3dQvE2zoydCEg==

Hello,

I've a openldap master and numerous sync replica servers running. I'm suspect my master contain mail attributes that aren't unique.
My idea was to build an other sync replica with unique overlay enabled. The 'empty' sync replica will fetch data from master and complain about values that aren't unique.
I would discard that replica, correct the master database and start replication again until replication succeed.

But then there was reality :-/
I placed an deliberately none-unique value in my database but replication did not fail. The replica did contain two DNs with "mail=none-unique@example.test".

syncrepl.conf:

  moduleload mdb.la
  moduleload unique.la

  database mdb
  suffix ou=test
  ...

  overlay unique
  uniqiue_uri ldap:///ou=test?mail?sub?

  index ...
  limits ...

  syncrepl rid=1 privider=ldap://master.example ...

  access ...

Q: is this setup wrong?
Q: is replication the right way to enforce uniqueness? Looks like the answer is "no"
Q: what is "the" better way?

Andreas

Follow-Ups:
- Re: overlay unique
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Re: accesslog database: overflow or data rotation?
Next by Date: Re: overlay unique
Index(es):
- Chronological
- Thread