[Date Prev][Date Next] [Chronological] [Thread] [Top]

Newly configured replication (master / slave) on 2.3 not quite working..



Entries are taking a LONG time to propagate (if they do at all)..

I'm getting a TON of entries in the log like this on the slave side
(continuously):


Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <= root access granted
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <= test_filter 5
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: bdb_search: 2629 does not match filter
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: entry_decode:
"uid=mwatson,ou=People,dc=acme,dc=com"
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <=
entry_decode(uid=mwatson,ou=People,dc=acme,dc=com)
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: => test_filter
Nov 16 21:03:54 sfo-dns-01 slapd[11864]:     EQUALITY
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: => access_allowed: search
access to "uid=mwatson,ou=People,dc=acme,dc=com" "entryUUID" requested
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <= root access granted
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <= test_filter 5
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: bdb_search: 2630 does not match filter
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: entry_decode:
"cn=mwatson,ou=Group,dc=acme,dc=com"
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <=
entry_decode(cn=mwatson,ou=Group,dc=acme,dc=com)
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: => test_filter
Nov 16 21:03:54 sfo-dns-01 slapd[11864]:     EQUALITY
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: => access_allowed: search
access to "cn=mwatson,ou=Group,dc=acme,dc=com" "entryUUID" requested
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <= root access granted
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <= test_filter 5
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: bdb_search: 2631 does not match filter
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: entry_decode:
"ou=Contacts,uid=mwatson,ou=People,dc=acme,dc=com"
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <=
entry_decode(ou=Contacts,uid=mwatson,ou=People,dc=acme,dc=com)
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: => test_filter
Nov 16 21:03:54 sfo-dns-01 slapd[11864]:     EQUALITY
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: => access_allowed: search
access to "ou=Contacts,uid=mwatson,ou=People,dc=acme,dc=com"
"entryUUID" request
ed

Here's the slave config:

include		/etc/openldap/schema/core.schema
include		/etc/openldap/schema/cosine.schema
include		/etc/openldap/schema/inetorgperson.schema
include		/etc/openldap/schema/nis.schema
include         /etc/openldap/schema/ldapab.schema
include         /etc/openldap/schema/ppolicy.schema

allow bind_v2

pidfile		/var/run/openldap/slapd.pid
argsfile	/var/run/openldap/slapd.args

modulepath /usr/lib64/openldap
moduleload ppolicy.la

TLSCertificateFile /etc/openldap/ldap.cert
TLSCertificateKeyFile /etc/openldap/ldap.key

database        bdb
suffix          "dc=acme,dc=com"

rootdn          "uid=helpdesk,ou=People,dc=acme,dc=com"

rootpw         {SHA}FOOOOOO+pZB93s06zAM1vQo=

directory /var/lib/ldap

overlay ppolicy
ppolicy_default "cn=default,ou=policies,dc=acme,dc=com"
ppolicy_use_lockout

sizelimit 2500

loglevel  -1

directory	/var/lib/ldap

index objectClass                       eq,pres
index ou,cn,mail,surname,givenname      eq,pres,sub
index uidNumber,gidNumber,loginShell    eq,pres
index uid,memberUid                     eq,pres,sub
index nisMapName,nisMapEntry            eq,pres,sub

syncrepl rid=123
                provider=ldap://ldap-stage.acme.com:389
                #type=refreshAndPersist
		type=refreshOnly
                interval=00:00:02:00
                searchbase="dc=acme,dc=com"
                # filter="(objectClass=organizationalPerson)"
                filter="(objectClass=*)"
                updatedn "uid=helpdesk,ou=People,dc=acme,dc=com"
                scope=sub
                schemachecking=off
                bindmethod=simple
                binddn="uid=helpdesk,ou=People,dc=acme,dc=com"
                credentials=FOOOBAR

updateref ldap://ldap-stage.acme.com

-- 
<cowmix>