I have two machines, both with two databases on them. The first database is
local and the second one, I'm attempting to share.
On hackberry (aka ldap.vircio.com), I have this entry:
database ldbm
lastmod on
suffix "o=vircio, c=US"
directory /export/ldap/vircio-admin
rootdn "cn=Manager, o=vircio, c=US"
rootpw {crypt}$1$9zAxe4aa$QOjX4YbL0idZlVs9BBN2m.
replica host=ldap.deepeddy.com
binddn="cn=Manager, o=vircio, u=US"
bindmethod=simple credentials=[[deleted]]
replogfile /export/ldap/replog
defaultaccess read
access to attr=userpassword
by self write
by dn="cn=Manager, dc=vircio, c=US" write
by * compare
on deepeddy (aka ldap.deepeddy.com), I have this entry:
database ldbm
lastmod on
suffix "o=vircio, c=US"
directory /export/ldap/vircio-admin
rootdn "cn=Manager, o=vircio, c=US"
rootpw {crypt}$1$9zAxe4aa$QOjX4YbL0idZlVs9BBN2m.
updatedn "cn=Manager, o=vircio, c=US"
defaultaccess read
access to attr=userpassword
by self write
by dn="cn=Manager, o=vircio, c=US" write
by * compare
When I try to delete an entry on hackberry, I get this in its log:
Jan 12 14:23:23 hackberry slapd[11810]: conn=17 fd=18 connection from localhost (127.0.0.1) accepted.
Jan 12 14:23:23 hackberry slapd[12649]: conn=17 op=0 BIND dn="CN=MANAGER,O=VIRCIO,C=US" method=128
Jan 12 14:23:23 hackberry slapd[12649]: conn=17 op=0 RESULT err=0 tag=97 nentries=0
Jan 12 14:23:23 hackberry slapd[12650]: DEL dn="CN=FLOPPY,OU=GROUP,O=VIRCIO,C=US"
Jan 12 14:23:23 hackberry slapd[12650]: conn=17 op=1 RESULT err=0 tag=107 nentries=0
Jan 12 14:23:23 hackberry slapd[11810]: conn=17 op=-1 fd=18 closed errno=0
Jan 12 14:23:23 hackberry slapd[12651]: conn=17 op=2 UNBIND
and this in deepeddy's log:
Jan 12 14:23:25 deepeddy slapd[2898]: DEL dn="CN=FLOPPY,OU=GROUP,O=VIRCIO,C=US"
Jan 12 14:23:25 deepeddy slapd[2898]: conn=16 op=2 RESULT err=32 tag=107 nentries=0
(Hmmm, looks like I have some clock skew)
replog looks like this afterwards:
-rw-r--r-- 1 root root 0 Jan 12 14:23 replog
-rw-r--r-- 1 root root 0 Jan 12 14:23 replog.lock
and there's no sign of any reject file.
The entry is gone from hackberry, but not from deepeddy.
oops...I found the reject file. It was in /var/tmp, not in /export/ldap, so
the slapd/slurpd guide is wrong on that...
Anyway, here's the entry for the undeleted object:
ERROR: No such object
replica: ldap.deepeddy.com:0
time: 947708603.0
dn: CN=FLOPPY,OU=GROUP,O=VIRCIO,C=US
changetype: delete
I can see the object there using web2ldap.
Could the error be because it's not the first database on deepeddy, but instead
is the second?
Chris
--
Chris Garrigues virCIO
http://www.DeepEddy.Com/~cwg/ http://www.virCIO.Com
+1 512 432 4046 +1 512 374 0500
4314 Avenue C
O- Austin, TX 78751-3709
My email address is an experiment in SPAM elimination. For an
explanation of what we're doing, see http://www.DeepEddy.Com/tms.html
Nobody ever got fired for buying Microsoft,
but they could get fired for relying on Microsoft.
Attachment:
pgpwBAGQtgALx.pgp
Description: PGP signature