[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: syncrepl doesn't copy entries
> >> Quanah Gibson-Mount wrote:
> >> > What version of OpenLDAP?
> >>
> >> sorry, I forget the version. It's 2.2.9, both consumer
> >> and provider.
> >
> > Openldap 2.2.11 shows the same behaviour, it doesn't
> > copy the provider DIT and I don't see errors (or they
> > aren't obvious for me) :-?
>
> Hm, I didn't try 2.2.9, but 2.2.10 works for me. I'll have to compare your
> settings to mine. ;)
well, I downgraded to 2.2.10 and it doesn't copy
entries from the provider DIT yet.
If I understand the admin guide correctly, all I need to
configure the provider slapd is to add "sessionlog 22 100"
to the database definition. After of the first contact
an entry bellow the base DN with an objectclass
"syncProviderSubentry" will be automatically created,
and indeed slapd create the entry:
dn: cn=ldapsync,dc=fadesa,dc=es
objectClass: top
objectClass: subentry
objectClass: syncProviderSubentry
structuralObjectClass: subentry
cn: ldapsync
contextCSN: 20040423121228Z#000001#00#000000
subtreeSpecification: {}
on the consumer side I create the base DN (with
ou=personas) and updatedn which I think that it's
a requirement to permit the replicated content to
go to the consumer DB with a known DN.
syncrepl rid=22
provider=ldap://195.55.55.167:389
type=refreshOnly
interval=00:01:00:00
searchbase="ou=personas,dc=fadesa,dc=es"
scope=sub
filter="(objectClass=*)"
schemachecking=off
updatedn="cn=replica,dc=fadesa,dc=es"
bindmethod=simple
binddn="cn=syncuser,ou=cuentas,dc=fadesa,dc=es"
credentials=sincro
again, after the first comunication beetwen both slapd
daemons an entry with objectclass "syncConsumerSubentry"
is found in the consumer:
dn: cn=syncrepl22,dc=fadesa,dc=es
objectClass: top
objectClass: subentry
objectClass: syncConsumerSubentry
cn: syncrepl22
syncreplCookie: csn=20040423121228Z#000001#00#000000
subtreeSpecification: {}
structuralObjectClass: subentry
entryUUID: 2b64fe64-296b-1028-93d6-fa4479f0e740
creatorsName: cn=replica,dc=fadesa,dc=es
createTimestamp: 20040423121200Z
entryCSN: 20040423121200Z#000001#00#000000
modifiersName: cn=replica,dc=fadesa,dc=es
modifyTimestamp: 20040423121200Z
ACL derivate problems are improbable because while I'm
trying to learn syncrepl the ACL on slapd is full access.
(access to * by * write)
and with all this done, I don't see the motive by which
syncrepl protocol fails to load the content.
what can be the cause of this behaviour?
thank you.
# /usr/local/libexec/slapd -4 -d -1 -h ldap://
@(#) $OpenLDAP: slapd 2.2.10 (Apr 23 2004 11:57:46) $
root@filemon:/tmp/openldap-2.2.10/servers/slapd
daemon_init: ldap://
daemon_init: listen on ldap://
daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldap://)
daemon: initialized ldap://
daemon_init: 1 listeners opened
slapd init: initiated server.
slap_sasl_init: initialized!
bdb_initialize: initialize BDB backend
bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003)
reading config file /usr/local/etc/openldap/slapd.conf
line 6 (include /usr/local/etc/openldap/schema/core.schema)
.
.
.
bdb_db_open: dc=fadesa,dc=es
bdb_db_open: dbenv_open(/var/db/openldap-data)
slapd starting
daemon: added 6r
daemon: select: listen=6 active_threads=0 tvp=zero
=>do_syncrepl
ldap_create
ldap_url_parse_ext(ldap://195.55.55.167:389)
ldap_bind_s
ldap_simple_bind_s
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection
ldap_int_open_connection
ldap_connect_to_host: TCP 195.55.55.167:389
ldap_new_socket: 11
ldap_prepare_socket: 11
ldap_connect_to_host: Trying 195.55.55.167:389
ldap_connect_timeout: fd: 11 tm: -1 async: 0
ldap_ndelay_on: 11
ldap_is_sock_ready: 11
ldap_ndelay_off: 11
ldap_open_defconn: successful
ldap_send_server_request
ber_flush: 58 bytes to sd 11
0000: 30 38 02 01 01 60 33 02 01 03 04 26 63 6e 3d 73 08...`3....&cn=s
0010: 79 6e 63 75 73 65 72 2c 6f 75 3d 63 75 65 6e 74 yncuser,ou=cuent
0020: 61 73 2c 64 63 3d 66 61 64 65 73 61 2c 64 63 3d as,dc=fadesa,dc=
0030: 65 73 80 06 73 69 6e 63 72 6f es..sincro
ldap_write: want=58, written=58
0000: 30 38 02 01 01 60 33 02 01 03 04 26 63 6e 3d 73 08...`3....&cn=s
0010: 79 6e 63 75 73 65 72 2c 6f 75 3d 63 75 65 6e 74 yncuser,ou=cuent
0020: 61 73 2c 64 63 3d 66 61 64 65 73 61 2c 64 63 3d as,dc=fadesa,dc=
0030: 65 73 80 06 73 69 6e 63 72 6f es..sincro
ldap_result msgid 1
ldap_chkResponseList for msgid=1, all=1
ldap_chkResponseList returns NULL
wait4msg (infinite timeout), msgid 1
wait4msg continue, msgid 1, all 1
** Connections:
* host: 195.55.55.167 port: 389 (default)
refcnt: 2 status: Connected
last used: Fri Apr 23 14:59:41 2004
** Outstanding Requests:
* msgid 1, origid 1, status InProgress
outstanding referrals 0, parent count 0
** Response Queue:
Empty
ldap_chkResponseList for msgid=1, all=1
ldap_chkResponseList returns NULL
ldap_int_select
read1msg: msgid 1, all 1
ber_get_next
ldap_read: want=8, got=8
0000: 30 0c 02 01 01 61 07 0a 0....a..
ldap_read: want=6, got=6
0000: 01 00 04 00 04 00 ......
ber_get_next: tag 0x30 len 12 contents:
ber_dump: buf=0x08171b08 ptr=0x08171b08 end=0x08171b14 len=12
0000: 02 01 01 61 07 0a 01 00 04 00 04 00 ...a........
ldap_read: message type bind msgid 1, original id 1
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x08171b08 ptr=0x08171b0b end=0x08171b14 len=9
0000: 61 07 0a 01 00 04 00 04 00 a........
ber_scanf fmt ({iaa}) ber:
ber_dump: buf=0x08171b08 ptr=0x08171b0b end=0x08171b14 len=9
0000: 61 07 0a 01 00 04 00 04 00 a........
new result: res_errno: 0, res_error: <>, res_matched: <>
read1msg: 0 new referrals
read1msg: mark request completed, id = 1
request 1 done
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_free_connection
ldap_free_connection: refcnt 1
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x08171b08 ptr=0x08171b0b end=0x08171b14 len=9
0000: 61 07 0a 01 00 04 00 04 00 a........
ber_scanf fmt (}) ber:
ber_dump: buf=0x08171b08 ptr=0x08171b14 end=0x08171b14 len=0
ldap_msgfree
=> bdb_entry_get: ndn: "cn=syncrepl22,dc=fadesa,dc=es"
=> bdb_entry_get: oc: "(null)", at: "syncreplCookie"
bdb_dn2entry("cn=syncrepl22,dc=fadesa,dc=es")
=> bdb_dn2id( "dc=fadesa,dc=es" )
<= bdb_dn2id: got id=0x00000001
=> bdb_dn2id( "cn=syncrepl22,dc=fadesa,dc=es" )
<= bdb_dn2id: got id=0x00000004
entry_decode: "cn=syncrepl22,dc=fadesa,dc=es"
<= entry_decode(cn=syncrepl22,dc=fadesa,dc=es)
=> bdb_entry_get: found entry: "cn=syncrepl22,dc=fadesa,dc=es"
bdb_entry_get: rc=0
=> access_allowed: auth access to "cn=syncrepl22,dc=fadesa,dc=es" "syncreplCookie" requested
=> acl_get: [1] attr syncreplCookie
access_allowed: no res from state (syncreplCookie)
=> acl_mask: access to entry "cn=syncrepl22,dc=fadesa,dc=es", attr "syncreplCookie" requested
=> acl_mask: to all values by "cn=replica,dc=fadesa,dc=es", (=n)
<= check a_dn_pat: *
<= acl_mask: [1] applying write(=wrscx) (stop)
<= acl_mask: [1] mask: write(=wrscx)
=> access_allowed: auth access granted by write(=wrscx)
ldap_search_ext
put_filter: "(objectClass=*)"
put_filter: simple
put_simple_filter: "objectClass=*"
ldap_send_initial_request
ldap_send_server_request
ber_flush: 191 bytes to sd 11
0000: 30 81 bc 02 01 02 63 6c 04 1b 6f 75 3d 70 65 72 0.....cl..ou=per
0010: 73 6f 6e 61 73 2c 64 63 3d 66 61 64 65 73 61 2c sonas,dc=fadesa,
0020: 64 63 3d 65 73 0a 01 02 0a 01 00 02 01 00 02 01 dc=es...........
0030: 00 01 01 00 87 0b 6f 62 6a 65 63 74 43 6c 61 73 ......objectClas
0040: 73 30 31 04 01 2a 04 0b 6f 62 6a 65 63 74 43 6c s01..*..objectCl
0050: 61 73 73 04 15 73 74 72 75 63 74 75 72 61 6c 4f ass..structuralO
0060: 62 6a 65 63 74 43 6c 61 73 73 04 08 65 6e 74 72 bjectClass..entr
0070: 79 43 53 4e a0 49 30 47 04 18 31 2e 33 2e 36 2e yCSN.I0G..1.3.6.
0080: 31 2e 34 2e 31 2e 34 32 30 33 2e 31 2e 39 2e 31 1.4.1.4203.1.9.1
0090: 2e 31 04 2b 30 29 0a 01 01 04 24 63 73 6e 3d 32 .1.+0)....$csn=2
00a0: 30 30 34 30 34 32 33 31 32 31 32 32 38 5a 23 30 0040423121228Z#0
00b0: 30 30 30 30 31 23 30 30 23 30 30 30 30 30 30 00001#00#000000
ldap_write: want=191, written=191
0000: 30 81 bc 02 01 02 63 6c 04 1b 6f 75 3d 70 65 72 0.....cl..ou=per
0010: 73 6f 6e 61 73 2c 64 63 3d 66 61 64 65 73 61 2c sonas,dc=fadesa,
0020: 64 63 3d 65 73 0a 01 02 0a 01 00 02 01 00 02 01 dc=es...........
0030: 00 01 01 00 87 0b 6f 62 6a 65 63 74 43 6c 61 73 ......objectClas
0040: 73 30 31 04 01 2a 04 0b 6f 62 6a 65 63 74 43 6c s01..*..objectCl
0050: 61 73 73 04 15 73 74 72 75 63 74 75 72 61 6c 4f ass..structuralO
0060: 62 6a 65 63 74 43 6c 61 73 73 04 08 65 6e 74 72 bjectClass..entr
0070: 79 43 53 4e a0 49 30 47 04 18 31 2e 33 2e 36 2e yCSN.I0G..1.3.6.
0080: 31 2e 34 2e 31 2e 34 32 30 33 2e 31 2e 39 2e 31 1.4.1.4203.1.9.1
0090: 2e 31 04 2b 30 29 0a 01 01 04 24 63 73 6e 3d 32 .1.+0)....$csn=2
00a0: 30 30 34 30 34 32 33 31 32 31 32 32 38 5a 23 30 0040423121228Z#0
00b0: 30 30 30 30 31 23 30 30 23 30 30 30 30 30 30 00001#00#000000
=>do_syncrep2
ldap_result msgid -1
ldap_chkResponseList for msgid=-1, all=0
ldap_chkResponseList returns NULL
wait4msg (infinite timeout), msgid -1
wait4msg continue, msgid -1, all 0
** Connections:
* host: 195.55.55.167 port: 389 (default)
refcnt: 2 status: Connected
last used: Fri Apr 23 14:59:41 2004
** Outstanding Requests:
* msgid 2, origid 2, status InProgress
outstanding referrals 0, parent count 0
** Response Queue:
Empty
ldap_chkResponseList for msgid=-1, all=0
ldap_chkResponseList returns NULL
ldap_int_select
read1msg: msgid -1, all 0
ber_get_next
ldap_read: want=8, got=8
0000: 30 57 02 01 02 65 07 0a 0W...e..
ldap_read: want=81, got=81
0000: 01 00 04 00 04 00 a0 49 30 47 04 18 31 2e 33 2e .......I0G..1.3.
0010: 36 2e 31 2e 34 2e 31 2e 34 32 30 33 2e 31 2e 39 6.1.4.1.4203.1.9
0020: 2e 31 2e 33 01 01 ff 04 28 30 26 04 24 63 73 6e .1.3....(0&.$csn
0030: 3d 32 30 30 34 30 34 32 33 31 32 31 32 32 38 5a =20040423121228Z
0040: 23 30 30 30 30 30 31 23 30 30 23 30 30 30 30 30 #000001#00#00000
0050: 30 0
ber_get_next: tag 0x30 len 87 contents:
ber_dump: buf=0x08171110 ptr=0x08171110 end=0x08171167 len=87
0000: 02 01 02 65 07 0a 01 00 04 00 04 00 a0 49 30 47 ...e.........I0G
0010: 04 18 31 2e 33 2e 36 2e 31 2e 34 2e 31 2e 34 32 ..1.3.6.1.4.1.42
0020: 30 33 2e 31 2e 39 2e 31 2e 33 01 01 ff 04 28 30 03.1.9.1.3....(0
0030: 26 04 24 63 73 6e 3d 32 30 30 34 30 34 32 33 31 &.$csn=200404231
0040: 32 31 32 32 38 5a 23 30 30 30 30 30 31 23 30 30 21228Z#000001#00
0050: 23 30 30 30 30 30 30 #000000
ldap_read: message type search-result msgid 2, original id 2
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x08171110 ptr=0x08171113 end=0x08171167 len=84
0000: 65 07 0a 01 00 04 00 04 00 a0 49 30 47 04 18 31 e.........I0G..1
0010: 2e 33 2e 36 2e 31 2e 34 2e 31 2e 34 32 30 33 2e .3.6.1.4.1.4203.
0020: 31 2e 39 2e 31 2e 33 01 01 ff 04 28 30 26 04 24 1.9.1.3....(0&.$
0030: 63 73 6e 3d 32 30 30 34 30 34 32 33 31 32 31 32 csn=200404231212
0040: 32 38 5a 23 30 30 30 30 30 31 23 30 30 23 30 30 28Z#000001#00#00
0050: 30 30 30 30 0000
ber_scanf fmt ({iaa}) ber:
ber_dump: buf=0x08171110 ptr=0x08171113 end=0x08171167 len=84
0000: 65 07 0a 01 00 04 00 04 00 a0 49 30 47 04 18 31 e.........I0G..1
0010: 2e 33 2e 36 2e 31 2e 34 2e 31 2e 34 32 30 33 2e .3.6.1.4.1.4203.
0020: 31 2e 39 2e 31 2e 33 01 01 ff 04 28 30 26 04 24 1.9.1.3....(0&.$
0030: 63 73 6e 3d 32 30 30 34 30 34 32 33 31 32 31 32 csn=200404231212
0040: 32 38 5a 23 30 30 30 30 30 31 23 30 30 23 30 30 28Z#000001#00#00
0050: 30 30 30 30 0000
new result: res_errno: 0, res_error: <>, res_matched: <>
read1msg: 0 new referrals
read1msg: mark request completed, id = 2
request 2 done
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 2, msgid 2)
ldap_free_connection
ldap_free_connection: refcnt 1
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x08171110 ptr=0x08171113 end=0x08171167 len=84
0000: 65 07 0a 01 00 04 00 04 00 a0 49 30 47 04 18 31 e.........I0G..1
0010: 2e 33 2e 36 2e 31 2e 34 2e 31 2e 34 32 30 33 2e .3.6.1.4.1.4203.
0020: 31 2e 39 2e 31 2e 33 01 01 ff 04 28 30 26 04 24 1.9.1.3....(0&.$
0030: 63 73 6e 3d 32 30 30 34 30 34 32 33 31 32 31 32 csn=200404231212
0040: 32 38 5a 23 30 30 30 30 30 31 23 30 30 23 30 30 28Z#000001#00#00
0050: 30 30 30 30 0000
ber_scanf fmt ({a) ber:
ber_dump: buf=0x08171110 ptr=0x0817111e end=0x08171167 len=73
0000: 30 47 04 18 31 2e 33 2e 36 2e 31 2e 34 2e 31 2e 0G..1.3.6.1.4.1.
0010: 34 32 30 33 2e 31 2e 39 2e 31 2e 33 01 01 ff 04 4203.1.9.1.3....
0020: 28 30 26 04 24 63 73 6e 3d 32 30 30 34 30 34 32 (0&.$csn=2004042
0030: 33 31 32 31 32 32 38 5a 23 30 30 30 30 30 31 23 3121228Z#000001#
0040: 30 30 23 30 30 30 30 30 30 00#000000
ber_scanf fmt (b) ber:
ber_dump: buf=0x08171110 ptr=0x0817113a end=0x08171167 len=45
0000: 01 01 ff 04 28 30 26 04 24 63 73 6e 3d 32 30 30 ....(0&.$csn=200
0010: 34 30 34 32 33 31 32 31 32 32 38 5a 23 30 30 30 40423121228Z#000
0020: 30 30 31 23 30 30 23 30 30 30 30 30 30 001#00#000000
ber_scanf fmt (o) ber:
ber_dump: buf=0x08171110 ptr=0x0817113d end=0x08171167 len=42
0000: 04 28 30 26 04 24 63 73 6e 3d 32 30 30 34 30 34 .(0&.$csn=200404
0010: 32 33 31 32 31 32 32 38 5a 23 30 30 30 30 30 31 23121228Z#000001
0020: 23 30 30 23 30 30 30 30 30 30 #00#000000
ber_scanf fmt (}) ber:
ber_dump: buf=0x08171110 ptr=0x08171167 end=0x08171167 len=0
ber_scanf fmt ({) ber:
ber_dump: buf=0x08171198 ptr=0x08171198 end=0x081711c0 len=40
0000: 30 26 04 24 63 73 6e 3d 32 30 30 34 30 34 32 33 0&.$csn=20040423
0010: 31 32 31 32 32 38 5a 23 30 30 30 30 30 31 23 30 121228Z#000001#0
0020: 30 23 30 30 30 30 30 30 0#000000
ber_scanf fmt (m) ber:
ber_dump: buf=0x08171198 ptr=0x0817119a end=0x081711c0 len=38
0000: 04 24 63 73 6e 3d 32 30 30 34 30 34 32 33 31 32 .$csn=2004042312
0010: 31 32 32 38 5a 23 30 30 30 30 30 31 23 30 30 23 1228Z#000001#00#
0020: 30 30 30 30 30 30 000000
ber_scanf fmt (}) ber:
ber_dump: buf=0x08171198 ptr=0x081711c0 end=0x081711c0 len=0
ldap_msgfree
ldap_unbind
ldap_free_connection
ldap_send_unbind
ber_flush: 7 bytes to sd 11
0000: 30 05 02 01 03 42 00 0....B.
ldap_write: want=7, written=7
0000: 30 05 02 01 03 42 00 0....B.
ldap_free_connection: actually freed
daemon: shutdown requested and initiated.
daemon: closing 6
slapd shutdown: waiting for 0 threads to terminate
slapd shutdown: initiated
====> bdb_cache_release_all
slapd shutdown: freeing system resources.
slapd stopped.
--
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCS/IT d- s+:+() a- C+++ UBL+++$ P+ L+++ E--- W++ N+ o++ K- w---
O+ M+ V- PS+ PE+ Y++ PGP+>+++ t+ 5 X+$ R- tv-- b+++ DI D++>+++
G++ e- h+(++) !r !z
------END GEEK CODE BLOCK------