[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Replication monitoring

Hi!

I have checked the replication verification a little bit more.

First of all. I'm using 2.4.21 and you need to allow reading to both cn=monitor and cn=config. So using a monitoring user is important here.
My slapd.conf configuration:

# syncrepl Provider for primary db
overlay syncprov
syncprov-checkpoint 5 1

# syncrepl directive
syncrepl      rid=001
              provider=ldap://host2
              bindmethod=simple
              binddn="cn=Manager,dc=domain,dc=com"
              credentials=secret
              searchbase="dc=domain,dc=com"
              schemachecking=on
              type=refreshAndPersist
              retry="60 +"

mirrormode on

# enable monitoring
database monitor
# allow onlu rootdn to read the monitor
access to *
        by dn.exact="cn=CNMonitor User,dc=domain,dc=com" read
        by * none
# enable monitoring
database config
# allow onlu rootdn to read the monitor
access to *
        by dn.exact="cn=CNMonitor User,dc=domain,dc=com" read
        by * none

And the replication must update the contextCSN attribute. You can verify this by:
ldapsearch -x -h <host> -D "<monitoring user>" -W -s base -b "dc=domain,dc=com" contextCSN

In my example the result is:
dn: dc=domain,dc=com
contextCSN: 20100823161844.565867Z#000000#000#000000
contextCSN: 20100825160932.333710Z#000000#001#000000

Hope this helps.

So as long as you can retrieve this information using the same monitoring user as configured in CN=Monitor you should retrieve replication verification info.

Regards - Andreas

On Jan 26, 2011, at 10:30 PM, Peter Boosten wrote:


On 26 jan 2011, at 19:59, Peter Boosten wrote:


On 26 jan 2011, at 19:32, Andreas Andersson wrote:

How about replication verification? Can you confirm that its working?

Ok, looking at the screenshot you sent in your first email, replication settings don't seem to be recognized in my setup (you have an error below the selected server, showing the server whom is replicated to, but in my setup there's no such arrow, nor another server).

Any ideas?


After some testing there's actually more not working, for instance: the collectsummary.php script doesn;t return any values (all 0), ut if I try the ldapquery manually, it actually gives non-zero results:

ra% ldapsearch -x -D "cn=root,dc=boosten,dc=org" -W -b "cn=operations,cn=monitor" -LLL '(cn=modify)' monitorOpCompleted
Enter LDAP Password:
dn: cn=Modify,cn=Operations,cn=Monitor
monitorOpCompleted: 19

and from the cli log:

0 ) modify - Summary Value: 0
0 ) modify - Value NOT Stored to db as it is empty

I'm on OpenLDAP 2.4.23, on FreeBSD.

-- 
Peter Boosten