[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Replica gets corrupted after consumer restart
Hi,
I am using OpenLdap 2.3.19 and Berkeley DB 4.3.29.
I have a syncrepl replication running and replication works. When I now stop
the consumer server, modify an entry on the provider and start the consumer
again, most of the database of the consumer gets deleted (also the one entry
which I have modified, is updated).
I am currently only testing, so I don't have any load, beside my few test
querys. Also I am using the rootdn for replication for my first tests, to
avoid any ACL issues.
See below for my current configuration. Any ideas what could be wrong?
Gerald
##### provider
include /etc/openldap/schema_2.3/core.schema
include /etc/openldap/schema_2.3/cosine.schema
include /etc/openldap/schema_2.3/nis.schema
TLSCertificateFile /usr/ssl/server.crt
TLSCertificateKeyFile /usr/ssl/server.key
TLSCACertificateFile /usr/ssl/server.ca
pidfile /var/run/ldap/slapd.pid
argsfile /var/run/ldap/slapd.args
loglevel 0
database bdb
suffix "dc=testuml,dc=test"
rootdn "cn=Manager,dc=testuml,dc=test"
rootpw "xxx"
directory /var/lib/ldap_2.3
include /etc/openldap/access_ctrl_2.3
overlay syncprov
syncprov-checklist 100 10
syncproc-sessionlog 100
# Indices to maintain
index objectClass eq
index cn eq
index ou eq
index sfbase-id eq
index aliasedObjectName eq
index entryCSN eq
index entryUUID eq
#### consumer
include /etc/openldap/schema_2.3/core.schema
include /etc/openldap/schema_2.3/cosine.schema
include /etc/openldap/schema_2.3/nis.schema
TLSCertificateFile /usr/ssl/server.crt
TLSCertificateKeyFile /usr/ssl/server.key
TLSCACertificateFile /usr/ssl/server.ca
pidfile /var/run/ldap/slapd.pid
argsfile /var/run/ldap/slapd.args
loglevel -1
database bdb
suffix "dc=testuml,dc=test"
rootdn "cn=Manager,dc=testuml,dc=test"
rootpw "yyyy"
directory /var/lib/ldap_2.3
include /etc/openldap/access_ctrl_2.3
# Indices to maintain
index objectClass eq
index cn eq
index ou eq
index sfbase-id eq
index aliasedObjectName eq
index entryCSN eq
index entryUUID eq
syncrepl rid=001
provider=ldaps://10.11.12.53
type=refreshAndPersist
retry="60 10 300 +"
searchbase="dc=testuml,dc=test"
filter="(objectClass=*)"
scope=sub
schemachecking=off
bindmethod=simple
binddn="cn=Manager,dc=testuml,dc=test"
credentials="xxx"
---------------------------------------------------------------------------
Besuchen Sie uns auf der CeBIT 2006 in Halle 7, Stand B30 (Aladdin)
---------------------------------------------------------------------------
Gerald Richter ecos electronic communication services gmbh
IT-Securitylösungen * Webapplikationen mit Apache/Perl/mod_perl/Embperl
Post: Tulpenstrasse 5 D-55276 Dienheim b. Mainz
E-Mail: richter@ecos.de Voice: +49 6133 939-122
WWW: http://www.ecos.de/ Fax: +49 6133 939-333
---------------------------------------------------------------------------
ECOS BB-5000 Firewall- und IT-Security Appliance: www.bb-5000.info
---------------------------------------------------------------------------
** Virus checked by BB-5000 Mailfilter **