Hello,
I configured two master LDAP servers and everything works perfectly with replication.
The database contains 10 000 entries.
Now I want to simulate a server breakdown, so I stopped LDAP while adding 100 LDAP entries (30000-30099)
via ldapadd. All entries are available on both masters (so replication works) except the last
entry before LDAP broke down (while adding entry 30050). So on Master 1 all entries up to 30050 are available; on Master
2 all entries are available up to 30049. LDAP was not able to sync it before the breakdown. That is OK.
Then I brought LDAP back up on Master 1 and the last entry (30050) was synced by LDAP to
Master 2. All seems to work perfectly, but now I looked into the debug log and LDAP on Master
2 is rescanning the whole database:
...
entry_decode: "uid=339,dc=local,dc=de"
<= entry_decode(uid=339,dc=local,dc=de)
entry_decode: "uid=340,dc=local,dc=de"
<= entry_decode(uid=340,dc=local,dc=de)
...
Is that normal? It takes a long, long time. In the future I will
have millions of users and a rescan would cost much time. Is it possible to avoid this
behaviour of LDAP?
Does anybody have experience with that?
Thank you,
Andi