[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Debugging syncrepl
- To: openldap-technical@openldap.org
- Subject: Debugging syncrepl
- From: "Angel L. Mateo" <amateo@um.es>
- Date: Wed, 15 Dec 2010 12:39:54 +0100
- Organization: ATICA, Universidad de Murcia
- User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101208 Lightning/1.0b2 Thunderbird/3.1.7
Hello,
I've configured 2 ldap servers (2.4.21, from ubuntu 10.04 package) in a
master-master configuration. The configuration I have is:
{0}rid=004 provider=ldap://ldap1.mydomain.com binddn="<replicauser>"
bindmethod=simple credentials=<replicapass> searchbase="<dc=mydomain>"
type=refreshOnly interval=00:00:00:10 retry="5 5 300 +" timeout=1
{1}rid=005 provider=ldap://ldap2.mydomain.com binddn="<relicauser>"
bindmethod=simple credentials=<replicapass> searchbase="<dc=mydomain>"
type=refreshOnly interval=00:00:00:10 retry="5 5 300 +" timeout=1
I have an oclAccess like:
{3}to dn.subtree=<dc=mydomain>
by group.exact=<admingroup> manage
...
by * none break
Replica user belongs to group <admingroup>, so it has complete access
to the directory.
I have also a limit like:
{1}group=<admingroup> time.soft=unlimited time.hard=unlimited
size.soft=unlimited size.hard=unlimited
so it has no limits.
The problem is that I'm loading the directory with a lot of entries
(about 109000). After all the load process (I've done it in ldap2, with
ldapadd commands) I have all the entries in ldap2, but I have a few less
in ldap1 (about 107000).
How could I debug the problem?
I have tried later to remove from ldap2 an entry that it isn't at
ldap1, and then add it again and the replication is done, so I don't
know why it hasn't been replicated the first time.
--
Angel L. Mateo Martínez
Sección de Telemática
Área de Tecnologías de la Información _o)
y las Comunicaciones Aplicadas (ATICA) / \\
http://www.um.es/atica _(___V
Tfo: 868887590
Fax: 868888337