[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: why syncrepl doesn't work ???



On 6/12/07, Jeronimo Zucco <jczucco@ucs.br> wrote:
    Hi, list.

    I'm trying to implement syncrepl in my openldap 2.3.35 without
sucess. I tryed many (I sed: MANY) times to slacat, slapadd to slave for
syn ldap servers, but for some reason with I don't know, the slave lost
the sync.

    Then I have to do the same thing ate night:

- stop ldap master;
- slapcat master
- slapadd on the slave;
- start master and start slave

Hi Jeronimo,

With syncrepl, you don't need to do a 'slapcat' on the master and
'slapadd' on the slave. Just start the master, then the slave. You
will see the slave doing a full sync.


This works about one hour, in the morning wasn't syncing again. If i restart the slave ldap, then the changes on the master is replicated, but stops to sync "on line" after this.

What do you see in your ldap logs? Are your master and slave in two different subnets separated by a firewall?

Sam


I don't know what to do to solve this issue :-(

    Follow up my ldap configuration (just about syncrepl):

ldap master:
# acls permits to user replicator to read all the database
index   objectClass,entryCSN,entryUUID  eq
overlay         syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
limits dn.exact="cn=replicator,dc=domain,dc=com" size.soft=unlimited
size.hard=unlimited



ldap slave:
syncrepl
    rid=1
    provider=ldaps://master.domain.com:636
    binddn="cn=replicator,dc=domain,dc=com"
    bindmethod=simple
    credentials=secret
    searchbase="dc=domain,dc=com"
    filter="(objectClass=*)"
    schemachecking=off
    scope=sub
    type=refreshAndPersist
    retry="60 +"



Any tip will be apreciated.

--
Jeronimo Zucco
LPIC-1 Linux Professional Institute Certified
Núcleo de Processamento de Dados
Universidade de Caxias do Sul

http://jczucco.blogspot.com