memberOf data in new replica servers 2.4.31
- To: openldap-technical@openldap.org
- Subject: memberOf data in new replica servers 2.4.31
- From: Todd Stein <todd.stein@openx.org>
- Date: Wed, 27 Jun 2012 17:09:30 -0700
Hi,
I have a provider server and five consumer servers, all of which have the memberOf overlay configured:

overlay memberof
memberof-group-oc groupOfUniqueNames
memberof-member-ad uniqueMember
memberof-refint true
memberof-dangling ignore

syncrepl rid=005
  provider=ldap://<server>:389
  type=refreshAndPersist
  interval=00:00:05:00
  retry="60 10 600 +"
  searchbase="dc=<removed>,dc=<removed>"
  filter="(objectClass=*)"
  scope=sub
  attrs="*"
  schemachecking=off
  starttls=no
  bindmethod=simple
  binddn="cn=replica,dc=<removed>,dc=<removed>"
  credentials=<removed>

When I bring a new replica online, it appears that entries are replicated in the order that they were created on the provider server, which produces many "memberof_value_modify failed err=32" messages in the log and incomplete memberOf data. To get around this, I wrote a script which empties all groups prior to replication, and then recreates the memberships after the initial replication. This seems to work, but is hardly ideal. Is there a "more correct" way of replicating memberOf values without manipulating my provider each time I bring up a new consumer?
Thank you very much,
Todd
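
A consistency check for the incomplete memberOf data described in the message above, as an added example that is not part of the original post: it reads an LDIF export of a consumer and reports members whose memberOf lacks a group that lists them in uniqueMember. The sample LDIF, the dc=example,dc=com names and the function names are constructed for illustration; DN normalisation is simplified and base64-encoded values are not handled.

```python
from collections import defaultdict
# Constructed sample: LDIF as it might be exported from a consumer.
SAMPLE_LDIF = """\
dn: uid=alice,ou=people,dc=example,dc=com
memberOf: cn=admins,ou=groups,dc=example,dc=com

dn: uid=bob,ou=people,dc=example,dc=com

dn: cn=admins,ou=groups,dc=example,dc=com
objectClass: groupOfUniqueNames
uniqueMember: uid=alice,ou=people,dc=example,dc=com
uniqueMember: uid=bob,ou=people,dc=example,dc=com
uniqueMember: uid=carol,ou=people,dc=example,dc=com
"""

def norm(dn):
    # Simplified DN normalisation: lower-case and drop spaces around commas.
    return ",".join(part.strip() for part in dn.lower().split(","))

def parse_ldif(text):
    """Return {normalised dn: {attr: [values]}}; unfolds continuation lines."""
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    entries = {}
    for block in unfolded.split("\n\n"):
        attrs = defaultdict(list)
        for line in block.splitlines():
            if line.startswith("#") or ": " not in line:
                continue
            key, value = line.split(": ", 1)
            attrs[key.lower()].append(value)
        if "dn" in attrs:
            entries[norm(attrs["dn"][0])] = attrs
    return entries

def audit_memberof(text):
    """Return (missing, dangling): lists of (member, group) and (group, member)."""
    entries, missing, dangling = parse_ldif(text), [], []
    for group_dn, attrs in entries.items():
        if "groupofuniquenames" not in [v.lower() for v in attrs["objectclass"]]:
            continue
        for member in map(norm, attrs["uniquemember"]):
            if member not in entries:
                dangling.append((group_dn, member))  # member entry absent
            elif group_dn not in map(norm, entries[member]["memberof"]):
                missing.append((member, group_dn))   # memberOf not populated
    return missing, dangling

if __name__ == "__main__":
    print(audit_memberof(SAMPLE_LDIF))
```

An empty `missing` list on a freshly loaded consumer means every group membership visible in uniqueMember is also reflected in memberOf; `dangling` lists members with no entry of their own in the export.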