[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Newly configured replication (master / slave) on 2.3 not quite working..
- To: openldap-technical@openldap.org
- Subject: Newly configured replication (master / slave) on 2.3 not quite working..
- From: Michael March <mmarch@gmail.com>
- Date: Tue, 16 Nov 2010 19:52:00 -0700
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type; bh=Q7zd3575xReXT6dQuKcjkYFgxfVbNDQUGFN2Xqv5lwg=; b=k+tbOLm9U9ARKYrUN0ZXeA6ObNObUp33mV2BRo9eMs9HFwYnYJEfyZgvFf9mEpugRW OWo34+nXgGT7rZ7+RiIIg8buDnhwhL3Bp7FGX4TzrPXSQvuP1DuSd3nzi85qetIoamOu s+bT7dDxn32ot8n0LzNdMKmJkkIFzJ3eBEqxg=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=Dd0G8xti92Xw1wAdaTNAONqOUgrskRGE2bDMLzVRBIhQh8BnJmjJTpLG5AZpk1vAjv ZvZZkmMiK7m2EhQqWHwVjrNslSpO38C/YUmt68OEyJ4gceWMeb3krHaSIN7+9IUxV+cv /+Pcn1PFvAAAuy5D/CE85jEsvQCrMsLQ/agac=
Entries are taking a LONG time to propagate (if they do at all)..
I'm getting a TON of entries in the log like this on the slave side
(continuously):
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <= root access granted
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <= test_filter 5
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: bdb_search: 2629 does not match filter
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: entry_decode:
"uid=mwatson,ou=People,dc=acme,dc=com"
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <=
entry_decode(uid=mwatson,ou=People,dc=acme,dc=com)
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: => test_filter
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: EQUALITY
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: => access_allowed: search
access to "uid=mwatson,ou=People,dc=acme,dc=com" "entryUUID" requested
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <= root access granted
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <= test_filter 5
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: bdb_search: 2630 does not match filter
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: entry_decode:
"cn=mwatson,ou=Group,dc=acme,dc=com"
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <=
entry_decode(cn=mwatson,ou=Group,dc=acme,dc=com)
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: => test_filter
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: EQUALITY
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: => access_allowed: search
access to "cn=mwatson,ou=Group,dc=acme,dc=com" "entryUUID" requested
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <= root access granted
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <= test_filter 5
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: bdb_search: 2631 does not match filter
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: entry_decode:
"ou=Contacts,uid=mwatson,ou=People,dc=acme,dc=com"
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: <=
entry_decode(ou=Contacts,uid=mwatson,ou=People,dc=acme,dc=com)
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: => test_filter
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: EQUALITY
Nov 16 21:03:54 sfo-dns-01 slapd[11864]: => access_allowed: search
access to "ou=Contacts,uid=mwatson,ou=People,dc=acme,dc=com"
"entryUUID" request
ed
Here's the slave config:
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/ldapab.schema
include /etc/openldap/schema/ppolicy.schema
allow bind_v2
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
modulepath /usr/lib64/openldap
moduleload ppolicy.la
TLSCertificateFile /etc/openldap/ldap.cert
TLSCertificateKeyFile /etc/openldap/ldap.key
database bdb
suffix "dc=acme,dc=com"
rootdn "uid=helpdesk,ou=People,dc=acme,dc=com"
rootpw {SHA}FOOOOOO+pZB93s06zAM1vQo=
directory /var/lib/ldap
overlay ppolicy
ppolicy_default "cn=default,ou=policies,dc=acme,dc=com"
ppolicy_use_lockout
sizelimit 2500
loglevel -1
directory /var/lib/ldap
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
syncrepl rid=123
provider=ldap://ldap-stage.acme.com:389
#type=refreshAndPersist
type=refreshOnly
interval=00:00:02:00
searchbase="dc=acme,dc=com"
# filter="(objectClass=organizationalPerson)"
filter="(objectClass=*)"
updatedn "uid=helpdesk,ou=People,dc=acme,dc=com"
scope=sub
schemachecking=off
bindmethod=simple
binddn="uid=helpdesk,ou=People,dc=acme,dc=com"
credentials=FOOOBAR
updateref ldap://ldap-stage.acme.com
--
<cowmix>