[Date Prev][Date Next] [Chronological] [Thread] [Top]

Replica gets corrupted after consumer restart



Hi,

I am using OpenLdap 2.3.19 and Berkeley DB 4.3.29. 

I have a syncrepl replication running and replication works. When I now stop
the consumer server, modify an entry on the provider and start the consumer
again, most of the database of the consumer gets deleted (also the one entry
which I have modified, is updated).

I am currently only testing, so I don't have any load, beside my few test
querys. Also I am using the rootdn for replication for my first tests, to
avoid any ACL issues.

See below for my current configuration. Any ideas what could be wrong?

Gerald


##### provider

include		/etc/openldap/schema_2.3/core.schema
include		/etc/openldap/schema_2.3/cosine.schema
include		/etc/openldap/schema_2.3/nis.schema

TLSCertificateFile    /usr/ssl/server.crt
TLSCertificateKeyFile /usr/ssl/server.key
TLSCACertificateFile  /usr/ssl/server.ca

pidfile	        /var/run/ldap/slapd.pid
argsfile       /var/run/ldap/slapd.args

loglevel 0

database	bdb
suffix		"dc=testuml,dc=test"
rootdn		"cn=Manager,dc=testuml,dc=test"
rootpw		"xxx"

directory	/var/lib/ldap_2.3
include		/etc/openldap/access_ctrl_2.3

overlay syncprov
syncprov-checklist 100 10
syncproc-sessionlog 100

# Indices to maintain
index	objectClass	  eq
index	cn	          eq
index	ou	          eq
index	sfbase-id	  eq
index   aliasedObjectName eq
index   entryCSN          eq
index   entryUUID         eq

#### consumer


include		/etc/openldap/schema_2.3/core.schema
include		/etc/openldap/schema_2.3/cosine.schema
include		/etc/openldap/schema_2.3/nis.schema

TLSCertificateFile    /usr/ssl/server.crt
TLSCertificateKeyFile /usr/ssl/server.key
TLSCACertificateFile  /usr/ssl/server.ca

pidfile	        /var/run/ldap/slapd.pid
argsfile       /var/run/ldap/slapd.args

loglevel -1

database	bdb
suffix		"dc=testuml,dc=test"
rootdn		"cn=Manager,dc=testuml,dc=test"
rootpw		"yyyy"

directory	/var/lib/ldap_2.3
include		/etc/openldap/access_ctrl_2.3

# Indices to maintain
index	objectClass	  eq
index	cn	          eq
index	ou	          eq
index	sfbase-id	  eq
index   aliasedObjectName eq
index   entryCSN          eq
index   entryUUID         eq

syncrepl rid=001
    provider=ldaps://10.11.12.53
    type=refreshAndPersist
    retry="60 10 300 +"
    searchbase="dc=testuml,dc=test"
    filter="(objectClass=*)"
    scope=sub
    schemachecking=off
    bindmethod=simple
    binddn="cn=Manager,dc=testuml,dc=test"
    credentials="xxx"




---------------------------------------------------------------------------
Besuchen Sie uns auf der CeBIT 2006 in Halle 7, Stand B30 (Aladdin)
---------------------------------------------------------------------------
Gerald Richter            ecos electronic communication services gmbh
IT-Securitylösungen * Webapplikationen mit Apache/Perl/mod_perl/Embperl

Post:       Tulpenstrasse 5          D-55276 Dienheim b. Mainz
E-Mail:     richter@ecos.de          Voice:   +49 6133 939-122
WWW:        http://www.ecos.de/      Fax:     +49 6133 939-333
---------------------------------------------------------------------------
ECOS BB-5000 Firewall- und IT-Security Appliance: www.bb-5000.info
---------------------------------------------------------------------------

 


 
** Virus checked by BB-5000 Mailfilter **