
Re: Resync DEL



Hi,

Howard Chu schrieb (24.02.2012 21:36 Uhr):
Marc Patermann wrote:

With this sorted out, this is what I get (both pre 2.4.30 code):

- slapadd the provider with current data
- slapadd the consumer with older data
->  present check, exact sync
- ldap changes on provider
- reset and slapadd the consumer with older data
->  no present check, servers not in sync
    only changes made after the last provider start are synced
- reset and slapadd the consumer with older data and
    restart provider
->  present check, exact sync

I then checked against 2.4.26 on the provider and the behavior changed:

- slapadd the provider with current data
- slapadd the consumer with older data
->  present check, exact sync
- ldap changes on provider
- reset and slapadd the consumer with older data
->  present check, exact sync

Is this the way it is supposed to happen?
I think this is a bug in current code.

In the complete absence of any config information from you, it's impossible to determine. If you have a syncprov sessionlog, then if you didn't restart the provider, it may not cause a full presence check when a consumer connects.
So, the sessionlog keeps me from getting the full sync in version >2.4.26?
I set sessionlog. Here is the provider config:

# slapd.conf of the syncrepl provider, as posted in this thread.
# Comments are whole lines at column 0 and never placed before an indented
# line: slapd.conf treats a line starting with whitespace as a continuation
# of the previous line, even when that previous line is a comment.
modulepath      /usr/lib/openldap/modules
moduleload      accesslog.la
moduleload      dynlist.la
moduleload      memberof.la
moduleload      refint.la
moduleload      unique.la
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/authldap.schema
include         /etc/openldap/schema/openldap.schema
include         /etc/openldap/schema/dyngroup.schema
include         /etc/openldap/schema/dnszone.schema
include         /etc/openldap/schema/dhcp.schema
include         /etc/openldap/schema/ofdconf.schema
include         /etc/openldap/schema/nagios.schema
include         /etc/openldap/schema/yast.schema
include         /etc/openldap/schema/ofdaddon.schema
# Included before the first "database" line, so any access rules in this
# file are global. Its contents are not shown in the post.
include         /etc/openldap/ofd.acl
pidfile         /var/run/slapd/slapd.pid
argsfile        /var/run/slapd/slapd.args
threads 350
concurrency 350
# "sync" logs syncrepl/syncprov processing, which is the level needed to see
# whether a present phase is run for a connecting consumer.
loglevel        config stats stats2 sync
defaultsearchbase       "ou=humans,ou=foo"
# sizelimit -1 removes the server-side cap on entries returned per search,
# so ACLs are the only limit on how much one query can return.
sizelimit       -1
timelimit       4000
# Server certificate and private key for TLS. The key file should be
# readable only by the account slapd runs as. No "security"/ssf requirement
# is visible in this file, so nothing shown here forces clients onto TLS
# (the included ACL files may add such conditions - not visible).
TLSCACertificateFile /etc/openldap/ssl/ldapca.pem
TLSCertificateFile /etc/openldap/ssl/ldapcert.pem
TLSCertificateKeyFile /etc/openldap/ssl/ldapkey.pem
# Proxy authorization is decided by the authzTo attribute of the
# authenticated entry. Write access to authzTo therefore has to be
# restricted by ACLs, or users could grant themselves other identities.
authz-policy to
# SASL identity -> directory DN mappings. The search-URL forms succeed only
# when the search returns exactly one entry. The third rule substitutes the
# captured SASL user name ($1) into a maildrop filter.
authz-regexp uid=human,cn=[^,]*,cn=auth
        dn:"cn=human,ou=mgr,ou=foo"
authz-regexp uid=cyrus,cn=[^,]*,cn=auth
        "ldap:///ou=humans,ou=foo??sub?(uid=cyrus)"
authz-regexp uid=([^,]*),cn=[^,]*,cn=auth
        "ldap:///ou=humans,ou=foo??sub?(maildrop=$1@*)"
authz-regexp "cn=human,ou=mgr,ou=foo"
        dn.subtree="ou=humans,ou=foo"
# cn=config database with a cleartext rootpw stored in this file. "secret"
# is presumably a placeholder substituted for posting. A real deployment
# would use a hash generated with slappasswd and keep this file unreadable
# to other local users.
database        config
rootdn          cn=config
rootpw          secret
# Main database (suffix ou=foo). No rootpw is given for it, so this rootdn
# has no config-file password.
database        bdb
suffix          "ou=foo"
rootdn          "cn=gen.man,ou=mgr,ou=foo"
directory       /var/lib/ldap/main-data
checkpoint      4096 5
cachesize       25000
idlcachesize    45000
dbconfig set_cachesize 2 0 0
dbconfig set_lg_dir /var/log/bdb/main
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
# Berkeley DB removes transaction log files it no longer needs, so old logs
# are not available for later recovery.
dbconfig set_flags DB_LOG_AUTOREMOVE
index   objectClass     eq
index   cn              eq,sub
index   version         eq
# entryCSN and entryUUID are the attributes syncrepl searches on.
index   entryCSN,entryUUID     eq
index   default eq
index   uid
index   mail            sub,eq
index   sn              sub,eq
index   givenName       sub,eq
index   maildrop,ou             sub,eq
index   relativeDomainName      eq,sub
index   dhcpHWAddress
index   dhcpClassData
index   dhcpOption
index   zoneName
index   uidNumber,gidNumber     eq
# Access rules for this database come from this include, not shown here.
include /etc/openldap/linux.acl
overlay glue
# accesslog records write operations into the cn=log database. Entries older
# than 10 days are purged, with the purge check run once a day.
overlay accesslog
logdb "cn=log"
logops writes
logpurge 10+00:00 1+00:00
overlay dynlist
dynlist-attrset groupOfURLs memberURL
overlay refint
refint_attributes member memberOf
refint_nothing "cn=dummy,ou=foo"
# syncprov on the main database. The sessionlog is an in-memory record of
# the last 100 write operations (adds are not recorded). It is what the
# thread is about: a provider can use it instead of a full present phase
# when a consumer reconnects, and it is empty again after a provider restart.
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
# Database holding the accesslog entries (suffix cn=log). No access rules
# appear in this section, so only global rules would apply. Worth confirming
# that cn=log is not broadly readable, because logged writes contain the
# modified attribute values.
database        hdb
suffix          "cn=log"
directory       /var/lib/ldap/log-data
rootdn          "cn=gen.man,ou=mgr,ou=foo"
checkpoint      10240 5
dbconfig set_cachesize 0 367001600 0
dbconfig set_lg_dir /var/log/bdb/log
dbconfig set_lg_regionmax 262144
dbconfig set_lg_bsize 2097152
dbconfig set_flags DB_LOG_AUTOREMOVE
index   objectClass     eq
index   cn              eq,sub
index reqStart eq
# syncprov on the log database. nopresent skips the present phase, a setting
# meant only for a syncprov instance on top of a log database such as this.
overlay syncprov
syncprov-nopresent TRUE
syncprov-checkpoint 100 10
syncprov-sessionlog 100
# "by * read" grants read on cn=monitor to every client, anonymous binds
# included. The monitor backend exposes connection and operation statistics
# and is usually limited to an administrative DN.
database        monitor
access to dn.subtree="cn=monitor" by * read


Marc