[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: OPENLDAP SYNCREPL



Thanks, Howard;

In hindsight, if my config looks jumbled, it is...that's what I get for
doing little things in a quasi-blind attempt at solving issues.

*******Here is the output of slapcat on the Provider:**********

# slapcat -s olcDatabase=\{1}bdb,cn=config
dn: olcDatabase={1}bdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcSuffix: dc=group42,dc=ldap
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=ldapadmin,dc=group42,dc=ldap
olcRootPW:: ***************
olcSyncUseSubentry: FALSE
olcMonitoring: TRUE
olcDbDirectory: /var/lib/ldap_db/openldap-data
olcDbCacheSize: 1000
olcDbConfig: {0}# $OpenLDAP: pkg/ldap/servers/slapd/DB_CONFIG,v 1.3.2.4
2007/1
 2/18 11:53:27 ghenry Exp $
olcDbConfig: {1}# Example DB_CONFIG file for use with slapd(8) BDB/HDB
databas
 es.
olcDbConfig: {2}#
olcDbConfig: {3}# See the Oracle Berkeley DB documentation
olcDbConfig: {4}#
<http://www.oracle.com/technology/documentation/berkeley-d
 b/db/ref/env/db_config.html>
olcDbConfig: {5}# for detail description of DB_CONFIG syntax and semantics.
olcDbConfig: {6}#
olcDbConfig: {7}# Hints can also be found in the OpenLDAP Software FAQ
olcDbConfig::
ezh9Iwk8aHR0cDovL3d3dy5vcGVubGRhcC5vcmcvZmFxL2luZGV4LmNnaT9maWxl
 PTI+
olcDbConfig: {9}# in particular:
olcDbConfig: {10}#   <http://www.openldap.org/faq/index.cgi?file=1075>
olcDbConfig: {11}
olcDbConfig: {12}# Note: most DB_CONFIG settings will take effect only upon
re
 building
olcDbConfig: {13}# the DB environment.
olcDbConfig: {14}
olcDbConfig: {15}# one 0.25 GB cache
olcDbConfig: {16}set_cachesize 0 268435456 1
olcDbConfig: {17}
olcDbConfig: {18}# Data Directory
olcDbConfig: {19}#set_data_dir db
olcDbConfig: {20}
olcDbConfig: {21}# Transaction Log settings
olcDbConfig: {22}set_lg_regionmax 262144
olcDbConfig: {23}set_lg_bsize 2097152
olcDbConfig: {24}#set_lg_dir logs
olcDbConfig: {25}
olcDbConfig: {26}# Note: special DB_CONFIG flags are no longer needed for
"qui
 ck"
olcDbConfig::
ezI3fSMgc2xhcGFkZCg4KSBvciBzbGFwaW5kZXgoOCkgYWNjZXNzIChzZWUgdGhl
 aXIgLXEgb3B0aW9uKS4g
olcDbNoSync: FALSE
olcDbDirtyRead: FALSE
olcDbIDLcacheSize: 0
olcDbIndex: objectClass eq
olcDbIndex: sn eq,sub
olcDbIndex: mail eq,sub
olcDbIndex: departmentNumber eq
olcDbIndex: cn,uid eq,sub
olcDbIndex: uidNumber eq
olcDbIndex: entryCSN eq
olcDbIndex: entryUUID eq
olcDbIndex: ipHostNumber eq
olcDbIndex: gidNumber,memberUID eq
olcDbLinearIndex: FALSE
olcDbMode: 0600
olcDbShmKey: 0
olcDbCacheFree: 1
olcDbDNcacheSize: 0
structuralObjectClass: olcBdbConfig
entryUUID: 101e6d86-dd1c-4eaa-a26e-d7e201a727f8
creatorsName: cn=config
createTimestamp: 20111219143532Z
olcDbSearchStack: 32
olcAccess: {0} to attrs=userPassword,shadowLastChange by self write by
anonymo
 us auth by * none
olcAccess: {1} to * by * read
olcDatabase: {1}bdb
olcLimits: {0}dn.exact="cn=ldapadmin,dc=group42,dc=ldap" size=unlimited
time=u
 nlimited
entryCSN: 20120313163732.658240Z#000000#001#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20120313163732Z

dn: olcOverlay={0}syncprov,olcDatabase={1}bdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpNoPresent: TRUE
structuralObjectClass: olcSyncProvConfig
entryUUID: 8572b589-f594-44a6-91fe-0de741afbcca
creatorsName: cn=admin,cn=config
createTimestamp: 20120224171809Z
olcSpReloadHint: TRUE
olcSpCheckpoint: 1000 60
entryCSN: 20120312145000.123929Z#000000#001#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20120312145000Z

dn: olcOverlay={1}accesslog,olcDatabase={1}bdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcAccessLogConfig
olcOverlay: {1}accesslog
olcAccessLogDB: cn=accesslog
olcAccessLogOps: writes
olcAccessLogPurge: 07+00:00 01+00:00
olcAccessLogSuccess: TRUE
structuralObjectClass: olcAccessLogConfig
entryUUID: eea1e438-6385-4660-807b-bb270eb4843a
creatorsName: cn=admin,cn=config
createTimestamp: 20120229161649Z
entryCSN: 20120229161649.880441Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20120229161649Z

# slapcat -s olcDatabase=\{2}bdb,cn=config
dn: olcDatabase={2}bdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDbDirectory: /var/lib/ldap_db/accesslog
olcSuffix: cn=accesslog
olcDbIndex: default eq
olcDbIndex: entryCSN,objectClass,reqEnd,reqResult,reqStart
structuralObjectClass: olcBdbConfig
entryUUID: 446c6c64-a899-4f37-9498-cb4a349d3b48
creatorsName: cn=admin,cn=config
createTimestamp: 20120229153826Z
olcLimits: {0}dn.exact="cn=ldapadmin,dc=group42,dc=ldap" time.soft=unlimited
t
 ime.hard=unlimited size.soft=unlimited size.hard=unlimited
olcDatabase: {2}bdb
entryCSN: 20120313143637.046410Z#000000#001#000000
modifiersName: cn=config
modifyTimestamp: 20120313143637Z




################################################
***Here is the output of slapcat from the Consumer***
# slapcat -s olcDatabase=\{2}bdb,cn=config
dn: olcDatabase={2}bdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcSuffix: dc=group42,dc=ldap
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=ldapadmin,dc=group42,dc=ldap
olcRootPW:: ***************
olcSyncUseSubentry: FALSE
olcMonitoring: TRUE
olcDbDirectory: /var/lib/ldap_db/openldap-data
olcDbCacheSize: 1000
olcDbConfig: {0}# $OpenLDAP: pkg/ldap/servers/slapd/DB_CONFIG,v 1.1.2.4
2007/1
 2/18 11:51:46 ghenry Exp $
olcDbConfig: {1}# Example DB_CONFIG file for use with slapd(8) BDB/HDB
databas
 es.
olcDbConfig: {2}#
olcDbConfig: {3}# See the Oracle Berkeley DB documentation
olcDbConfig: {4}#
<http://www.oracle.com/technology/documentation/berkeley-d
 b/db/ref/env/db_config.html>
olcDbConfig: {5}# for detail description of DB_CONFIG syntax and semantics.
olcDbConfig: {6}#
olcDbConfig: {7}# Hints can also be found in the OpenLDAP Software FAQ
olcDbConfig::
ezh9Iwk8aHR0cDovL3d3dy5vcGVubGRhcC5vcmcvZmFxL2luZGV4LmNnaT9maWxl
 PTI+
olcDbConfig: {9}# in particular:
olcDbConfig: {10}#   <http://www.openldap.org/faq/index.cgi?file=1075>
olcDbConfig: {11}
olcDbConfig: {12}# Note: most DB_CONFIG settings will take effect only upon
re
 building
olcDbConfig: {13}# the DB environment.
olcDbConfig: {14}
olcDbConfig: {15}# one 0.25 GB cache
olcDbConfig: {16}set_cachesize 0 268435456 1
olcDbConfig: {17}
olcDbConfig: {18}# Data Directory
olcDbConfig: {19}#set_data_dir db
olcDbConfig: {20}
olcDbConfig: {21}# Transaction Log settings
olcDbConfig: {22}set_lg_regionmax 262144
olcDbConfig: {23}set_lg_bsize 2097152
olcDbConfig: {24}#set_lg_dir logs
olcDbConfig: {25}
olcDbConfig: {26}# Note: special DB_CONFIG flags are no longer needed for
"qui
 ck"
olcDbConfig::
ezI3fSMgc2xhcGFkZCg4KSBvciBzbGFwaW5kZXgoOCkgYWNjZXNzIChzZWUgdGhl
 aXIgLXEgb3B0aW9uKS4g
olcDbNoSync: FALSE
olcDbDirtyRead: FALSE
olcDbIDLcacheSize: 0
olcDbIndex: objectClass eq
olcDbIndex: cn,uid eq,sub
olcDbIndex: sn eq,sub
olcDbIndex: mail eq,sub
olcDbIndex: departmentNumber eq
olcDbIndex: entryCSN eq
olcDbIndex: entryUUID eq
olcDbIndex: uidNumber eq
olcDbIndex: gidNumber eq
olcDbLinearIndex: FALSE
olcDbMode: 0600
olcDbSearchStack: 16
olcAccess: {0} to attrs=userPassword,shadowLastChange by self write by
anonymo
 us auth by * none
olcAccess: {1} to * by * read
olcDbShmKey: 0
olcDbCacheFree: 1
olcDbDNcacheSize: 0
structuralObjectClass: olcBdbConfig
entryUUID: e6971058-e0f0-4160-aaca-a18b24d22008
creatorsName: cn=config
createTimestamp: 20120229205835Z
olcDatabase: {2}bdb
olcUpdateRef: ldaps://gp42-admin2.group42.ldap:636
olcMirrorMode: TRUE
olcSyncrepl: {0}rid=1 provider=ldaps://gp42-admin2.group42.ldap:636
bindmethod
 =simple binddn="cn=ldapadmin,dc=group42,dc=ldap" credentials=*********
interva
 l=01:00:00:00 searchbase="dc=group42,dc=ldap" logbase="cn=accesslog"
schemach
 ecking=on type=refreshAndPersist retry="60 +" filter="(objectClass=*)"
attrs=
 "*,+" syncdata=accesslog starttls=no
tls_cacertdir=/usr/local/openldap-2.4.23
 /etc/openldap/cacerts
entryCSN: 20120313150609.224840Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20120313150609Z

dn: olcOverlay={0}memberof,olcDatabase={2}bdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcMemberOf
olcOverlay: {0}memberof
structuralObjectClass: olcMemberOf
entryUUID: 363ad8ed-872c-4fff-99c1-4f73d3e8055d
creatorsName: cn=admin,cn=config
createTimestamp: 20120302121345Z
entryCSN: 20120302121345.220702Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20120302121345Z

dn: olcOverlay={1}syncprov,olcDatabase={2}bdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {1}syncprov
olcSpNoPresent: TRUE
structuralObjectClass: olcSyncProvConfig
entryUUID: 69ca3f6a-1ac4-45f9-88ca-eb7f67ca7b63
creatorsName: cn=admin,cn=config
createTimestamp: 20120302141557Z
entryCSN: 20120302141557.545770Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20120302141557Z

I know that the two systems are communicating, at least, at the client level
and attempting to at the slapd level.  As stated earlier, the only error I'm
seeing consistently on the Consumer is:
do_syncrep2: rid=001 got search entry without Sync State control
do_syncrepl: rid=001 rc -1 retrying
do_syncrep2: rid=001 got search entry without Sync State control
do_syncrepl: rid=001 rc -1 retrying
do_syncrep2: rid=001 got search entry without Sync State control
do_syncrepl: rid=001 rc -1 retrying
do_syncrep2: rid=001 got search entry without Sync State control
do_syncrepl: rid=001 rc -1 retrying
do_syncrep2: rid=001 got search entry without Sync State control
do_syncrepl: rid=001 rc -1 retrying

The full log up to the above "Sync State Control" messages on the consumer:

request done: ld 0x14043290 msgid 1
ldap_build_search_req ATTRS:
    uid
    userPassword
    uidNumber
    gidNumber
    cn
    homeDirectory
    loginShell
    gecos
    description
    objectClass
request done: ld 0x14043290 msgid 2
dborresen on gp42-rohan$ ssh -X root@gp42-admin1
request done: ld 0x2af20fe89d70 msgid 1
ldap_build_search_req ATTRS:
    uid
    userPassword
    uidNumber
    gidNumber
    cn
    homeDirectory
    loginShell
    gecos
    description
    objectClass
request done: ld 0x2af20fe89d70 msgid 2
ldap_build_search_req ATTRS:
    uid
    userPassword
    uidNumber
    gidNumber
    cn
    homeDirectory
    loginShell
    gecos
    description
    objectClass
request done: ld 0x2af20fe89d70 msgid 3
ldap_build_search_req ATTRS:
    uid
    userPassword
    uidNumber
    gidNumber
    cn
    homeDirectory
    loginShell
    gecos
    description
    objectClass
request done: ld 0x2af20fe89d70 msgid 4
ldap_build_search_req ATTRS:
    uid
    userPassword
    uidNumber
    gidNumber
    cn
    homeDirectory
    loginShell
    gecos
    description
    objectClass
request done: ld 0x2af20fe89d70 msgid 5
ldap_build_search_req ATTRS:
    uid
    userPassword
    uidNumber
    gidNumber
    cn
    homeDirectory
    loginShell
    gecos
    description
    objectClass
request done: ld 0x2af20fe89d70 msgid 6
ldap_build_search_req ATTRS:
    uid
    userPassword
    uidNumber
    gidNumber
    cn
    homeDirectory
    loginShell
    gecos
    description
    objectClass
request done: ld 0x2af20fe89d70 msgid 7
Last login: Tue Mar 13 09:06:13 2012 from gp42-rohan.llan.ll.mit.edu
root on gp42-admin1# tail -f /var/log/slapd 
  0000:  15 03 01 00 20 dd 4d 17  93 a1 ce 3f 55 5f c5 db   .... .M....?U_..

  0010:  ed 5c c1 86 6f 21 09 c9  ec 8e f5 c0 39 8a b7 7a   .\..o!......9..z

  0020:  1d 4e 66 ed b6                                     .Nf..

TLS trace: SSL3 alert write:warning:close notify
ldap_free_connection: actually freed
tls_read: want=5 error=Bad file descriptor
do_syncrepl: rid=001 rc -1 retrying
daemon: activity on 1 descriptor
daemon: activity on:
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: shutdown requested and initiated.
daemon: closing 7
connection_closing: readying conn=1000 sd=15 for close
connection_close: conn=1000 sd=15
daemon: removing 15
tls_write: want=37, written=37
  0000:  15 03 01 00 20 d7 c9 23  bd 9d c0 16 c6 d4 44 a4   .... ..#......D.

  0010:  a5 dc c0 98 2b 1e 30 a0  87 21 77 b1 53 cc 48 4a   ....+.0..!w.S.HJ

  0020:  4b 80 11 e2 c3                                     K....

TLS trace: SSL3 alert write:warning:close notify
conn=1000 fd=15 closed (slapd shutdown)
connection_closing: readying conn=1001 sd=16 for close
connection_close: conn=1001 sd=16
daemon: removing 16
tls_write: want=37, written=37
  0000:  15 03 01 00 20 00 3e 12  4d e4 d0 22 6a c3 8c 7d   .... .>.M.."j..}

  0010:  ab c9 6e 6b 6b bf 45 de  98 03 e4 3d dc 7a f6 3d   ..nkk.E....=.z.=

  0020:  59 8a ff 95 df                                     Y....

TLS trace: SSL3 alert write:warning:close notify
conn=1001 fd=16 closed (slapd shutdown)
slapd shutdown: waiting for 0 operations/tasks to finish
slapd shutdown: initiated
====> bdb_cache_release_all
====> bdb_cache_release_all
slapd destroy: freeing system resources.
syncinfo_free: rid=001




Just noticed on the Provider, after restarting with DEBUG of "7", the
following:

slapd destroy: freeing system resources
slapd stopped

That is the final two entries in the log.  Running a ps for slapd, it shows
as running,


The following is the slapd logs from the Consumer:
ldap_build_search_req ATTRS: reqDN reqType reqMod reqNewRDN reqDeleteOldRDN
reqNewSuperior entryCSN
ldap_send_initial_request
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_scanf fmt ({) ber:
ber_flush2: 264 bytes to sd 15
tls_write: want=330, written=330
  0000:  17 03 01 00 20 72 13 92  07 08 37 c4 7b 38 98 13   .... r....7.{8..

  0010:  5a 47 35 08 a5 8e da f7  91 6a 9c ce 57 ba 2e 78   ZG5......j..W..x

  0020:  96 ca e7 1c 4b 17 03 01  01 20 61 b0 79 38 e9 ec   ....K.... a.y8..

  0030:  79 6a 8c 3c a2 55 62 0e  30 f3 86 a5 58 f8 4f 75   yj.<.Ub.0...X.Ou

  0040:  e4 47 a5 16 de 1a 10 34  3d 2f 61 c0 71 f2 72 8d   .G.....4=/a.q.r.

  0050:  11 25 24 3d 7c 52 4e 2d  10 75 84 3b 01 a5 ef 7c   .%$=|RN-.u.;...|

  0060:  2f f1 69 f7 e4 02 89 d6  4e 81 b0 ef f1 43 89 61   /.i.....N....C.a

  0070:  a8 06 ab e1 b9 c8 de d6  92 de f7 f2 38 7e ed 97   ............8~..

  0080:  41 61 f9 13 96 4f d8 a1  72 c7 58 7f d7 52 3e 27   Aa...O..r.X..R>'

  0090:  95 e8 6b 2e b1 36 14 87  96 bf 39 54 08 8f b1 df   ..k..6....9T....

  00a0:  6e 79 3f df b3 0d 14 8d  9a a2 85 8e 6e b5 e7 b6   ny?.........n...

  00b0:  6e d0 f5 41 66 98 2d bd  c9 22 5a e6 bd 91 a0 ea   n..Af.-.."Z.....

  00c0:  10 e3 00 84 a6 13 ed ce  56 10 2b 15 92 5b cf 5f   ........V.+..[._

  00d0:  85 2a 7e 72 57 ad fe 21  a2 09 cf 3a 00 6b 97 a0   .*~rW..!...:.k..

  00e0:  e4 59 47 a1 39 2f 6d 23  a3 6b ec ce c0 c3 88 59   .YG.9/m#.k.....Y

  00f0:  51 15 f7 f0 d0 a4 c9 1d  74 89 34 72 17 f6 ae a5   Q.......t.4r....

  0100:  fe f5 2b 31 af ba ff 2c  11 c8 70 35 26 1e a8 12   ..+1...,..p5&...

  0110:  cd b7 26 ee ff 5e 5e 44  6c fd bb e3 33 5d 8c 6b   ..&..^^Dl...3].k

  0120:  5a f7 81 c9 43 fa 76 88  90 1f 62 39 fd 50 2d 68   Z...C.v...b9.P-h

  0130:  c2 e2 0a f8 32 59 84 5d  97 ca fd ed ab be 76 b5   ....2Y.]......v.

  0140:  bd c2 ef be 08 b4 2a d0  0a 58                     ......*..X

ldap_write: want=264, written=264
  0000:  30 82 01 04 02 01 02 63  7a 04 0c 63 6e 3d 61 63   0......cz..cn=ac

  0010:  63 65 73 73 6c 6f 67 0a  01 02 0a 01 00 02 01 00   cesslog.........

  0020:  02 01 00 01 01 00 87 0b  6f 62 6a 65 63 74 63 6c   ........objectcl

  0030:  61 73 73 30 4e 04 05 72  65 71 44 4e 04 07 72 65   ass0N..reqDN..re

  0040:  71 54 79 70 65 04 06 72  65 71 4d 6f 64 04 09 72   qType..reqMod..r

  0050:  65 71 4e 65 77 52 44 4e  04 0f 72 65 71 44 65 6c   eqNewRDN..reqDel

  0060:  65 74 65 4f 6c 64 52 44  4e 04 0e 72 65 71 4e 65   eteOldRDN..reqNe

  0070:  77 53 75 70 65 72 69 6f  72 04 08 65 6e 74 72 79   wSuperior..entry

  0080:  43 53 4e a0 81 82 30 62  04 18 31 2e 33 2e 36 2e   CSN...0b..1.3.6.

  0090:  31 2e 34 2e 31 2e 34 32  30 33 2e 31 2e 39 2e 31   1.4.1.4203.1.9.1

  00a0:  2e 31 04 46 30 44 0a 01  03 04 3c 72 69 64 3d 30   .1.F0D....<rid=0

  00b0:  30 31 2c 73 69 64 3d 30  30 30 2c 63 73 6e 3d 32   01,sid=000,csn=2

  00c0:  30 31 32 30 33 30 31 31  36 32 30 33 33 2e 31 33   0120301162033.13

  00d0:  32 35 39 35 5a 23 30 30  30 30 30 30 23 30 30 30   2595Z#000000#000

  00e0:  23 30 30 30 30 30 30 01  01 00 30 1c 04 17 32 2e   #000000...0...2.

  00f0:  31 36 2e 38 34 30 2e 31  2e 31 31 33 37 33 30 2e   16.840.1.113730.

  0100:  33 2e 34 2e 32 01 01 ff                            3.4.2...

=>do_syncrep2 rid=001
ldap_result ld 0x176e58f0 msgid 2
wait4msg ld 0x176e58f0 msgid 2 (timeout 0 usec)
wait4msg continue ld 0x176e58f0 msgid 2 all 0
** ld 0x176e58f0 Connections:
* host: gp42-admin2.group42.ldap  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Tue Mar 13 14:32:09 2012


** ld 0x176e58f0 Outstanding Requests:
 * msgid 2,  origid 2, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x176e58f0 request count 1 (abandoned 0)
** ld 0x176e58f0 Response Queue:
   Empty
  ld 0x176e58f0 response count 0
ldap_chkResponseList ld 0x176e58f0 msgid 2 all 0
ldap_chkResponseList returns ld 0x176e58f0 NULL
ldap_int_select
connection_get(15)
connection_get(15): got connid=0
=>do_syncrepl rid=001
=>do_syncrep2 rid=001
ldap_result ld 0x176e58f0 msgid 2
wait4msg ld 0x176e58f0 msgid 2 (timeout 0 usec)
wait4msg continue ld 0x176e58f0 msgid 2 all 0
** ld 0x176e58f0 Connections:
* host: gp42-admin2.group42.ldap  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Tue Mar 13 14:32:09 2012


** ld 0x176e58f0 Outstanding Requests:
 * msgid 2,  origid 2, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x176e58f0 request count 1 (abandoned 0)
** ld 0x176e58f0 Response Queue:
   Empty
  ld 0x176e58f0 response count 0
ldap_chkResponseList ld 0x176e58f0 msgid 2 all 0
ldap_chkResponseList returns ld 0x176e58f0 NULL
ldap_int_select
read1msg: ld 0x176e58f0 msgid 2 all 0
ber_get_next
tls_read: want=5, got=5
  0000:  17 03 01 00 20                                     ....

tls_read: want=32, got=32
  0000:  4e 88 88 4a 6e 77 f0 43  59 1a ec aa 52 ce 3e e1   N..Jnw.CY...R.>.

  0010:  02 a2 26 26 6e 23 9a 87  5f f1 ca fc 88 c0 02 76   ..&&n#.._......v

tls_read: want=5, got=5
  0000:  17 03 01 00 70                                     ....p

tls_read: want=112, got=112
  0000:  1b 7b 97 8b a7 b3 eb ca  db 7b 7a 66 e2 52 52 3a   .{.......{zf.RR:

  0010:  7c 7b 57 10 ba fa ab 94  f8 67 a3 c7 2d 78 0f dc   |{W......g..-x..

  0020:  d7 c1 3a 06 db 4b ad e5  b8 5a fa 29 a7 b6 f4 92   ..:..K...Z.)....

  0030:  e3 50 05 58 80 41 e3 e3  9b 43 08 d8 83 ff bb 1d   .P.X.A...C......

  0040:  c1 37 0f 98 34 32 cc af  27 bd a6 06 57 e0 84 ba   .7..42..'...W...

  0050:  71 8e 1c 85 b6 4d 46 00  04 66 ef 1f e7 a5 ca 3e   q....MF..f.....>

  0060:  26 ce c6 83 78 db 3b b8  f0 92 92 ee 3d 5e 87 d6   &...x.;.....=^..

ldap_read: want=8, got=8
  0000:  30 4d 02 01 02 64 48 04                            0M...dH.

ldap_read: want=71, got=71
  0000:  0c 63 6e 3d 61 63 63 65  73 73 6c 6f 67 30 38 30   .cn=accesslog080

  0010:  36 04 08 65 6e 74 72 79  43 53 4e 31 2a 04 28 32   6..entryCSN1*.(2

  0020:  30 31 32 30 33 30 31 31  36 32 30 33 33 2e 31 33   0120301162033.13

  0030:  32 35 39 35 5a 23 30 30  30 30 30 30 23 30 30 30   2595Z#000000#000

  0040:  23 30 30 30 30 30 30                               #000000

ber_get_next: tag 0x30 len 77 contents:
read1msg: ld 0x176e58f0 msgid 2 message type search-entry
ber_scanf fmt ({xx) ber:
do_syncrep2: rid=001 got search entry without Sync State control
ldap_msgfree
connection_get(15)
connection_get(15): got connid=0
ldap_free_request (origid 2, msgid 2)
ldap_free_connection 1 1
ldap_send_unbind
ber_flush2: 7 bytes to sd 15
tls_write: want=74, written=74
  0000:  17 03 01 00 20 46 a2 b3  01 e2 fd c9 d8 13 e4 32   .... F.........2

  0010:  d3 51 b8 21 7e ce 9d 8b  f6 ca 39 5e 3d 4a ea ba   .Q.!~.....9^=J..

  0020:  0a 84 1d 96 a0 17 03 01  00 20 34 0d 82 ce dc 88   ......... 4.....

  0030:  f3 99 49 90 e8 47 98 8c  72 32 98 e5 50 dd 08 01   ..I..G..r2..P...

  0040:  87 20 19 cc 19 3c 6f f1  c8 f4                     . ...<o...

ldap_write: want=7, written=7
  0000:  30 05 02 01 03 42 00                               0....B.

tls_write: want=37, written=37
  0000:  15 03 01 00 20 be 7e 35  96 7c a9 fc 95 05 8d cd   .... .~5.|......

  0010:  c0 93 10 86 e2 25 29 0e  32 cf 63 48 ec d0 8d 1f   .....%).2.cH....

  0020:  1f 75 01 3c 4c                                     .u.<L

TLS trace: SSL3 alert write:warning:close notify
ldap_free_connection: actually freed
tls_read: want=5 error=Bad file descriptor
do_syncrepl: rid=001 rc -1 retrying


David Borresen
ph:  781-981-2954
email: john.d.borresen@ll.mit.edu


-----Original Message-----
From: Howard Chu [mailto:hyc@symas.com] 
Sent: Tuesday, March 13, 2012 2:01 PM
To: Borresen, John - 0442 - MITLL
Cc: Quanah Gibson-Mount; openldap-technical@openldap.org
Subject: Re: OPENLDAP SYNCREPL

Borresen, John - 0442 - MITLL wrote:
> Thanks, Quanah;
>
> As requested:

That was clearly not the problem; if the syncprov module was missing your 
config would have caused slapd to fail to start. Also it was clearly present

since you had it updating the contextCSN in your shutdown log. Quanah, you 
should have already seen that and not sent him on a wild goose chase.

And, one more time: DO NOT DIRECTLY ACCESS THE FILES IN THE CONFIG
DIRECTORY.

Use the database administration tools. For your previous case, you should
have 
simply used:
	slapcat -s olcDatabase=\{1\}bdb,cn=config

Make sure the consumer is talking to the server you think it is. Show slapd 
-d7 output from the provider while the consumer is trying to connect.

-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

Attachment: smime.p7s
Description: S/MIME cryptographic signature