
Multi Master



I am having trouble getting multi-master replication to work: both LDAP
servers are constantly updating each other. The slurpd output on each
server resembles the following:

read1msg: msgid 128, all 1
ber_get_next
ldap_read: want=8, got=8
  0000:  30 0d 02 02 00 80 67 07                            0.....g.
ldap_read: want=7, got=7
  0000:  0a 01 00 04 00 04 00                               .......
ber_get_next: tag 0x30 len 13 contents:
ldap_read: message type modify msgid 128, original id 128
ber_scanf fmt ({iaa) ber:
read1msg:  0 new referrals
read1msg:  mark request completed, id = 128
request 128 done
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 128, msgid 128)
ldap_free_connection
ldap_free_connection: refcnt 1
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_scanf fmt (}) ber:
ldap_msgfree
ldap_modify_ext
ldap_send_initial_request
ldap_send_server_request
ber_flush: 140 bytes to sd 7
  0000:  30 81 89 02 02 00 81 66  66 04 28 63 6e 3d 61 75
0......ff.(cn=au
  0010:  74 68 30 32 2c 6f 75 3d  52 65 70 55 73 65 72 73
th02,ou=RepUsers
  0020:  2c 64 63 3d 72 65 67 69  73 74 65 72 2c 64 63 3d
,dc=testingr,dc=
  0030:  63 6f 6d 30 3a 30 38 0a  01 02 30 33 04 0c 75 73
com0:08...03..us
  0040:  65 72 50 61 73 73 77 6f  72 64 31 23 04 21 7b 53
erPassword1#.!{S
  0050:  48 41 7d 70 37 65 79 6d  7a 53 4e 2f 69 34 66 33
HA}p7eymzSN/i4f3
  0060:  4c 4c 67 48 43 38 58 4d  6a 78 71 55 36 55 3d a0
LLgHC8XMjxqU6U=.
  0070:  1b 30 19 04 17 32 2e 31  36 2e 38 34 30 2e 31 2e
.0...2.16.840.1.
  0080:  31 31 33 37 33 30 2e 33  2e 34 2e 32               113730.3.4.2
ldap_write: want=140, written=140
  0000:  30 81 89 02 02 00 81 66  66 04 28 63 6e 3d 61 75
0......ff.(cn=au
  0010:  74 68 30 32 2c 6f 75 3d  52 65 70 55 73 65 72 73
th02,ou=RepUsers
  0020:  2c 64 63 3d 72 65 67 69  73 74 65 72 2c 64 63 3d
,dc=testing,dc=
  0030:  63 6f 6d 30 3a 30 38 0a  01 02 30 33 04 0c 75 73
com0:08...03..us
  0040:  65 72 50 61 73 73 77 6f  72 64 31 23 04 21 7b 53
erPassword1#.!{S
  0050:  48 41 7d 70 37 65 79 6d  7a 53 4e 2f 69 34 66 33
HA}p7eymzSN/i4f3
  0060:  4c 4c 67 48 43 38 58 4d  6a 78 71 55 36 55 3d a0
LLgHC8XMjxqU6U=.
  0070:  1b 30 19 04 17 32 2e 31  36 2e 38 34 30 2e 31 2e
.0...2.16.840.1.
  0080:  31 31 33 37 33 30 2e 33  2e 34 2e 32               113730.3.4.2
ldap_result msgid 129
ldap_chkResponseList for msgid=129, all=1
ldap_chkResponseList returns NULL
wait4msg (infinite timeout), msgid 129
wait4msg continue, msgid 129, all 1
** Connections:
* host: auth01.nyat.testing.com  port: 389  (default)
  refcnt: 2  status: Connected
  last used: Tue Apr 13 09:40:53 2004

** Outstanding Requests:
 * msgid 129,  origid 129, status InProgress
   outstanding referrals 0, parent count 0
** Response Queue:
   Empty
ldap_chkResponseList for msgid=129, all=1
ldap_chkResponseList returns NULL
ldap_int_select
read1msg: msgid 129, all 1
ber_get_next
ldap_read: want=8, got=8
  0000:  30 0d 02 02 00 81 67 07                            0.....g.
ldap_read: want=7, got=7
  0000:  0a 01 00 04 00 04 00                               .......
ber_get_next: tag 0x30 len 13 contents:
ldap_read: message type modify msgid 129, original id 129
ber_scanf fmt ({iaa) ber:
read1msg:  0 new referrals
read1msg:  mark request completed, id = 129
request 129 done
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 129, msgid 129)
ldap_free_connection
ldap_free_connection: refcnt 1
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_scanf fmt (}) ber:
ldap_msgfree
^Cldap_unbind
ldap_free_connection
ldap_send_unbind
ber_flush: 37 bytes to sd 7
  0000:  30 23 02 02 00 82 42 00  a0 1b 30 19 04 17 32 2e
0#....B...0...2.
  0010:  31 36 2e 38 34 30 2e 31  2e 31 31 33 37 33 30 2e
16.840.1.113730.
  0020:  33 2e 34 2e 32                                     3.4.2
ldap_write: want=37, written=37
  0000:  30 23 02 02 00 82 42 00  a0 1b 30 19 04 17 32 2e
0#....B...0...2.
  0010:  31 36 2e 38 34 30 2e 31  2e 31 31 33 37 33 30 2e
16.840.1.113730.
  0020:  33 2e 34 2e 32                                     3.4.2


Both of my slapd instances were built thusly:

# Configure step used for both slapd instances: TLS support plus the
# multimaster build option.
# NOTE(review): multimaster with slurpd was, as far as I recall, treated as
# experimental in OpenLDAP 2.x; confirm against the documentation shipped
# with the release being built.
./configure --with-tls --enable-multimaster

# Generate dependencies, compile, run the bundled test suite, then install.
make depend
make
make test
make install

My slapd.conf files:

For ldap1:
# slapd.conf for ldap1 as posted. Lines starting with '#' are review notes;
# every directive below is unchanged.
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/nis.schema

pidfile         /usr/local/var/slapd.pid
argsfile        /usr/local/var/slapd.args

database        bdb

suffix          "dc=testing,dc=com"
rootdn          "cn=Manager,dc=testing,dc=com"

# The rootdn password is stored as cleartext in this file. If "secret" is the
# real value rather than a placeholder, replace it with a hash generated by
# slappasswd and keep the file readable only by the account slapd runs as.
rootpw          secret

directory       /usr/local/var/openldap-data
index   objectClass     eq

# "allow" requests a client certificate but lets the session continue when
# none is sent or when the one sent does not verify, so these settings do not
# authenticate clients by certificate.
TLSCACertificateFile    /usr/local/etc/openldap/certs/CA/cacert.pem
TLSCertificateFile      /usr/local/etc/openldap/certs/cert.pem
TLSCertificateKeyFile   /usr/local/etc/openldap/certs/key.pem
TLSVerifyClient                 allow

# Changes are pushed to ldap2 over ldap:// on port 389 with a simple bind and
# no StartTLS option, so the TLS files above are not used for this link: the
# bind password and every replicated value (the slurpd trace in this post
# shows a userPassword hash in a modify request) cross the network
# unencrypted. Use an ldaps:// URI or the replica directive's StartTLS option.
# The replication credential is also held in cleartext in this file.
replica uri=ldap://ldap2:389
        binddn="cn=auth01,ou=RepUsers,dc=testing,dc=com"
        bindmethod=simple credentials=password

# updatedn names the DN that ldap2 binds as when it replicates to this server;
# it matches the binddn in ldap2's replica directive.
# The single access rule grants that DN write on everything and gives every
# other client, including anonymous binds, read on every attribute. That
# exposes userPassword hashes to anyone who can reach the server; a narrower
# rule for userPassword should come before this catch-all.
# NOTE(review): "read" on its own line looks like a mail-client line wrap; in
# the real file it presumably sits on the same line as the rest of the rule
# (confirm, since an unindented line is parsed as a new directive).
updatedn        cn=auth02,ou=RepUsers,dc=testing,dc=com
access to * by dn="cn=auth02,ou=RepUsers,dc=testing,dc=com" write by *
read
replogfile      /usr/local/var/replog.ldif

For ldap2

# slapd.conf for ldap2 as posted. Lines starting with '#' are review notes;
# every directive below is unchanged.
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/nis.schema

pidfile         /usr/local/var/slapd.pid
argsfile        /usr/local/var/slapd.args

database        bdb

suffix          "dc=testing,dc=com"
rootdn          "cn=Manager,dc=testing,dc=com"

# Cleartext rootdn password kept in the configuration file. If this is the
# real value, store a slappasswd-generated hash instead and restrict read
# access to the file.
rootpw          secret

directory       /usr/local/var/openldap-data
index   objectClass     eq

# With "allow", a client certificate is requested but a missing or invalid
# one does not stop the session, so clients are not authenticated by
# certificate.
TLSCACertificateFile    /usr/local/etc/openldap/certs/CA/cacert.pem
TLSCertificateFile      /usr/local/etc/openldap/certs/cert.pem
TLSCertificateKeyFile   /usr/local/etc/openldap/certs/key.pem
TLSVerifyClient                 allow


# Replication to ldap1 uses ldap:// on port 389 with a simple bind and no
# StartTLS option, so the bind password and all replicated attribute values
# are sent unencrypted despite the TLS settings above. Use an ldaps:// URI or
# the replica directive's StartTLS option. The credential is stored here in
# cleartext as well.
replica uri=ldap://ldap1:389
        binddn="cn=auth02,ou=RepUsers,dc=testing,dc=com"
        bindmethod=simple credentials=password

# updatedn names the DN that ldap1 binds as when it replicates to this server;
# it matches the binddn in ldap1's replica directive.
# The access rule gives that DN write on every entry and gives all other
# clients, anonymous included, read on every attribute, userPassword among
# them. Put a narrower userPassword rule ahead of this catch-all.
# NOTE(review): the stand-alone "read" line looks like a mail-client wrap of
# the access rule; presumably it is on one line in the real file (confirm).
updatedn        cn=auth01,ou=RepUsers,dc=testing,dc=com
access to * by dn="cn=auth01,ou=RepUsers,dc=testing,dc=com" write by *
read
replogfile      /usr/local/var/replog.ldif

Thanks in advance for the help

Dinni Bartholomew