[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ldap SQL backend and syncrepl
Frederic Bouy wrote:
Hello,
For performance issues (millions or records) I have two ldap servers:
- one master with an sql backend (postgres) to allow easy data manipulation
- one slave to anwer ldap queries and provide good response time
When lauching the slave ("./slapd -f
/usr/local/openldap/etc/openldap/slapd-front.conf -h "ldap://localhost:3890";
-d 1") I got a first non blocking error I don't really understand:
" => bdb_dn2id("dc=lnp")
<= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found
(-30988)"
According to the fact that the following command is successfull:
"ldapwhoami -H "ldap://localhost:389"; -D "cn=manager,dc=lnp" -w secret"
and then the synchronization fails with this error:
"read1msg: ld 0x9ca73e8 msgid 2 message type search-entry
ber_scanf fmt ({xx) ber:
ber_scanf fmt ({a) ber:
ber_scanf fmt (o) ber:
ber_scanf fmt ({em) ber:
do_syncrep2: rid=001 got empty syncUUID with LDAP_SYNC_ADD
ldap_msgfree
connection_get(11): got connid=0
ldap_free_request (origid 2, msgid 2)
ldap_free_connection 1 1
ldap_send_unbind
ber_flush2: 7 bytes to sd 11
ldap_free_connection: actually freed
do_syncrepl: rid=001 quitting"
Do you know whether suncrepl is support for ldap with sql backend?
No it's not.
Do you know where can I find some documentation on this?
There isn't any.
Do you have any clue on how I could solve my issues?
Thanks in advance.
Please find below the .conf of those two ldap servers:
# === MASTER =====
include /usr/local/openldap/etc/openldap/schema/core.schema
include /usr/local/openldap/etc/openldap/schema/cosine.schema
include /usr/local/openldap/etc/openldap/schema/nis.schema
include /usr/local/openldap/etc/openldap/schema/inetorgperson.schema
include /usr/local/openldap/etc/openldap/schema/lnp.schema
pidfile /usr/local/openldap/var/slapd-lnp.pid
argsfile /usr/local/openldap/var/slapd-lnp.args
backend sql
#######################################################################
# sql database definitions
#######################################################################
database sql
suffix "dc=lnp"
rootdn "cn=Manager,dc=lnp"
rootpw secret
dbname lnp
dbuser lnp
dbpasswd lnp
strcast_func "text"
#subtree_cond "ldap.entries.dn like '%'||?"
concat_pattern "?||?"
has_ldapinfo_dn_ru no
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
Not supposed to work since syncrepl is not supported. Back-sql may
claim it supports syncrepl provisioning because there is some
experimental support, but it is known to be broken.
lastmod on
# === MASTER =====
include /usr/local/openldap/etc/openldap/schema/core.schema
include /usr/local/openldap/etc/openldap/schema/cosine.schema
include /usr/local/openldap/etc/openldap/schema/nis.schema
include /usr/local/openldap/etc/openldap/schema/inetorgperson.schema
include /usr/local/openldap/etc/openldap/schema/lnp.schema
pidfile /usr/local/openldap/var/run/slapd-front.pid
argsfile /usr/local/openldap/var/run/slapd-front.args
#######################################################################
# BDB database definitions
#######################################################################
database bdb
suffix "dc=lnp"
rootdn "cn=Manager,dc=lnp"
rootpw secret
directory /usr/local/openldap/var/openldap-data
# index entryCSN,entryUUID eq
index entryUUID eq
# filter="(objectClass=*)"
syncrepl rid=001
provider=ldap://localhost:389
bindmethod=simple
type=refreshAndPersist
searchbase="ou=31,dc=lnp"
schemachecking=off
binddn="cn=manager,dc=lnp"
credentials=secret
filter="(objectClass=*)"
mirrormode on
serverID 1
You shouldn't enable mirror mode unless you know what you're doing. In
this case you shouldn't enable it since syncrepl is not supported by the
other peer. Moreover the two peers are not symmetrical (back-sql and
back-bdb do not have the same capabilities, and the two configurations
are not identical).
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Fax: +39 0382 476497
Email: ando@sys-net.it
-----------------------------------