[Date Prev][Date Next] [Chronological] [Thread] [Top]

help with setting up replication

To: openldap-technical@openldap.org
Subject: help with setting up replication
From: Jeff Dickens <jeff@seamanpaper.com>
Date: Wed, 29 Aug 2012 11:32:14 -0400

I've been following this page from the Ubuntu Server Guide with generally good results:

https://help.ubuntu.com/12.04/serverguide/openldap-server.html

Now I'm down to the replication section, at https://help.ubuntu.com/12.04/serverguide/openldap-server.html#openldap-server-replication . So far it isn't working. First things first:

I create the following ldif file to configure the sync provider:

# Add indexes to the frontend db.
dn: olcDatabase={1}hdb,cn=config
changetype: modify
add: olcDbIndex

olcDbIndex: entryCSN eq
-
add: olcDbIndex
olcDbIndex: entryUUID eq

#Load the syncprov and accesslog modules.
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: syncprov
-
add: olcModuleLoad
olcModuleLoad: accesslog

# Accesslog database definitions
dn: olcDatabase={2}hdb,cn=config
objectClass: olcDatabaseConfig

objectClass: olcHdbConfig
olcDatabase: {2}hdb
olcDbDirectory: /var/lib/ldap/accesslog
olcSuffix: cn=accesslog

olcRootDN: cn=admin,dc=intranet,dc=seamanpaper,dc=com
olcDbIndex: default eq
olcDbIndex: entryCSN,objectClass,reqEnd,reqResult,reqStart

# Accesslog db syncprov.
dn: olcOverlay=syncprov,olcDatabase={2}hdb,cn=config
changetype: add

objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov
olcSpNoPresent: TRUE

olcSpReloadHint: TRUE

# syncrepl Provider for primary db
dn: olcOverlay=syncprov,olcDatabase={1}hdb,cn=config

changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov

olcSpNoPresent: TRUE

# accesslog overlay definitions for primary db
dn: olcOverlay=accesslog,olcDatabase={1}hdb,cn=config

objectClass: olcOverlayConfig
objectClass: olcAccessLogConfig
olcOverlay: accesslog
olcAccessLogDB: cn=accesslog

olcAccessLogOps: writes
olcAccessLogSuccess: TRUE
# scan the accesslog DB every day, and purge entries older than 7 days

olcAccessLogPurge: 07+00:00 01+00:00

The guide says you can test the provider with this command:

root@grackle:~# ldapsearch -z1 -LLLQY EXTERNAL -H ldapi:/// -s base contextCSN
dn:

root@grackle:~#

but as you see that doesn't return anything. However, this command does find it:

root@grackle:~# slapcat | grep -C 10 contextCSN
objectClass: organization
o: intranet.seamanpaper.com

dc: intranet
structuralObjectClass: organization
entryUUID: 99e43416-73a1-1031-9d82-4f560555aca0
creatorsName: cn=admin,dc=intranet,dc=seamanpaper,dc=com

createTimestamp: 20120805233244Z
entryCSN: 20120805233244.262007Z#000000#000#000000
modifiersName: cn=admin,dc=intranet,dc=seamanpaper,dc=com

modifyTimestamp: 20120805233244Z
contextCSN: 20120829024252.920832Z#000000#000#000000

dn: cn=admin,dc=intranet,dc=seamanpaper,dc=com

objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator

userPassword:: e1NTSEF9Nm9zUVlmUStzd1RCOVJCQXUyL3NhQURpYTZ1R0NuRC8=
structuralObjectClass: organizationalRole
entryUUID: 99e4f9fa-73a1-1031-9d83-4f560555aca0

creatorsName: cn=admin,dc=intranet,dc=seamanpaper,dc=com
root@grackle:~#

Before I go on to figure out why the sync isn't working, why isn't the ldapsearch command above returning anything?

Thanks in advance for your help.

--
Jeff Dickens
IT Manager 978-632-1513

Follow-Ups:
- Re: help with setting up replication
  - From: Christopher Wood <christopher_wood@pobox.com>
- Re: help with setting up replication
  - From: Gavin Henry <ghenry@suretecsystems.com>

Prev by Date: Re: Configuring ppolicy problem
Next by Date: Re: Index Add Failures
Index(es):
- Chronological
- Thread