
Re: Replication not working



My Bad

Going forward, what should my strategy be for enabling delta-syncrepl when one master is already running with a 200G mdb database?

What I understand is:
 1. Enable the accesslog overlay on the master server, configure accesslog, and start the master.
 2. Take a backup with mdb_copy and restore it on the other master servers.
 3. Enable and configure accesslog on the new consumers (which work as providers as well).

Can you have a look and tell me if I am wrong somewhere, or if you have any suggestions?

include        /etc/openldap/schema/core.schema
include        /etc/openldap/schema/cosine.schema
include        /etc/openldap/schema/nis.schema
include        /etc/openldap/schema/inetorgperson.schema
include        /etc/openldap/schema/openldap.schema
include        /etc/openldap/schema/dyngroup.schema
include        /etc/openldap/schema/ppolicy.schema
include        /etc/openldap/schema2/channelIdentifier.schema
include        /etc/openldap/schema2/platform.schema
include        /etc/openldap/schema2/extendedProfileKey.schema
include        /etc/openldap/schema2/extendedProfileValue.schema
include        /etc/openldap/schema2/behaviorKey.schema
include        /etc/openldap/schema2/behaviorValue.schema
include        /etc/openldap/schema2/questionAnswer.schema
include        /etc/openldap/schema2/extendedTop.schema
include        /etc/openldap/schema2/counter.schema
# Global slapd settings: server identity, TLS material, runtime files, logging
# and the modules to load.
# serverid distinguishes this server from its peers in multi-master replication.
serverid        1
# NOTE(review): this list admits MEDIUM-strength suites as well as HIGH. In
# OpenSSL cipher-string syntax a leading "+" only moves matching suites to the
# end of the list, and the string does not set a minimum protocol version
# (TLSProtocolMin is the directive for that). How the string is parsed depends
# on the TLS library slapd was built with - confirm, and prefer a HIGH-only
# list if the clients allow it.
TLSCipherSuite HIGH:MEDIUM:+SSLv3
# CA bundle, server certificate and private key. The key file should be
# readable only by the account slapd runs as.
TLSCACertificateFile /etc/openldap/cacerts/cacert.pem
TLSCertificateFile  /etc/openldap/cacerts/mmam01.crt
TLSCertificateKeyFile /etc/openldap/cacerts/mmam01.key
# Clients are never asked for a certificate, so client identity rests entirely
# on the bind credentials.
TLSVerifyClient        never

pidfile        /var/run/slapd.pid
argsfile       /var/run/slapd.args
# Log replication activity (sync) and connection/operation statistics (stats).
loglevel       sync stats
# Seconds before an idle client connection is closed, and seconds to wait
# before closing a connection with an outstanding write.
idletimeout    30
writetimeout   30
modulepath     /etc/openldap/lib64/openldap
# NOTE(review): "overlay accesslog" is used later in this file but no
# accesslog module is loaded here; unless accesslog is compiled into slapd,
# a matching moduleload line is needed.
moduleload     back_mdb.la
moduleload     ppolicy.la
moduleload     unique.la
moduleload     syncprov.la

# Primary database: the dc=example,dc=com tree, stored in back-mdb.
database    mdb
suffix        "dc=example,dc=com"
directory    /openldap/var/data
# Password attribute: owners may change it and anonymous clients may use it
# only to authenticate. "by * break" hands every other identity on to the
# rules below instead of stopping here.
# NOTE(review): an authenticated user who is neither the owner nor in one of
# the two groups appears to fall through both "by * break" clauses to the
# final "by * read", which would let any bound user read other entries'
# password hashes; members of the PRead group get read on it the same way.
# Confirm with slapacl, and consider ending this rule with "by * none" after
# adding explicit clauses here for any group that really needs access.
access to attrs=userPassword
      by self     write
      by anonymous auth
      by * break         
                
# Group-based rights over the whole tree: PWrite members get manage, PRead
# members get read, everyone else continues to the next rule.
access to *
    by group/groupOfUniqueNames/uniqueMember.exact="cn=PWrite,ou=bGroup,dc=example,dc=com" manage
    by group/groupOfUniqueNames/uniqueMember.exact="cn=PRead,ou=bGroup,dc=example,dc=com" read
    by * break
# Fallback: owners may write their own entry, anonymous clients may only
# authenticate, and every other bound identity may read everything.
access to *
      by self       write
      by anonymous  auth
      by *          read   
# The rootdn is not subject to the access rules above. The same DN is used as
# the syncrepl binddn further down in this file.
# NOTE(review): a password hash published in a public list post should be
# treated as exposed and replaced; keep this file readable only by slapd.
rootdn        "cn=Manager,dc=example,dc=com"
rootpw  {SSHA}dXDESQeFjSoa/A1HfJ2TAzYf4DrSYWY
# Equality, substring and approximate indexes for application searches.
index mail,uid,postalCode,smail,channelType,channelValue,answer,behavName,objectclass,type eq
index givenName,sn,city,cn,extName sub
index displayName approx
# Equality indexes on the attributes syncrepl searches on.
index  entryCSN,entryUUID   eq
# Checkpoint after 128 KB written or 15 minutes.
checkpoint 128  15
# Maximum database size in bytes (256 GiB).
maxsize 274877906944
# Make this database a syncrepl provider: record the contextCSN after 100
# operations or 10 minutes, and keep a session log of 100 operations.
overlay         syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100


# Accesslog database: a second back-mdb database under cn=log, intended to
# hold the change log that delta-syncrepl consumers read.
# NOTE(review): no "access to" rule is visible for cn=log. If none is defined
# elsewhere, slapd's default policy (read for everyone) would apply, and the
# log records the content of write operations, which can include password
# changes. Restrict read access to the replication identity.
# NOTE(review): no maxsize is set here; confirm the back-mdb default is large
# enough for seven days of logged writes.
database mdb
suffix cn=log
rootdn "cn=Manager,cn=log"
# Value as posted; presumably redacted by the author.
rootpw xxxxxx
directory /apps/accesslog
index reqStart,objectclass,entryCSN,reqResult eq
# syncprov on the log database lets consumers follow it.
overlay syncprov
syncprov-nopresent TRUE
syncprov-reloadhint TRUE
# NOTE(review): slapd.conf directives apply to the most recent "database"
# line, so as written the accesslog overlay below is attached to cn=log itself
# rather than to dc=example,dc=com, and writes to the primary tree would not
# be logged. The overlay and its log* settings presumably belong in the
# primary database section - confirm.
overlay accesslog
logdb cn=log
# Log write operations only, and only those that succeeded.
logops writes
# Purge log entries older than 7 days; run the purge every 2 days.
logpurge 7+00:00 2+00:00
logsuccess TRUE

# Delta-syncrepl consumer for the first peer: follows the provider's cn=log
# entries for successful writes (logfilter) in refreshAndPersist mode. The
# retry value means 5 attempts 5 seconds apart, then every 60 seconds without
# limit.
# NOTE(review): the provider URL is ldap:// and no starttls= parameter is
# given, so as written the simple bind and the replicated data (including
# userPassword values) appear to cross the network unencrypted; tls_cacert
# only matters once TLS is in use. Consider starttls=critical or ldaps://.
# NOTE(review): the binddn is the rootdn of the primary database and its
# password is stored here in clear text. A dedicated replication account with
# only the rights it needs limits the damage if this file leaks, and a
# credential shown in a public post should be treated as exposed and changed.
# NOTE(review): this directive follows the "database mdb" line for cn=log, so
# it attaches to the log database rather than to dc=example,dc=com - confirm
# the intended placement.
# Comments are kept above the directive because an indented line is treated
# as a continuation of whatever line precedes it.
syncrepl        rid=111
                provider=ldap://sjam01.com
                binddn="cn=Manager,dc=example,dc=com"
                bindmethod=simple
                credentials=0m2013
                tls_cacert=/etc/openldap/cacerts/cacert.pem
                searchbase="dc=example,dc=com"
                type=refreshAndPersist
                retry="5 5 60 +"
                network-timeout=10
                timeout=10
        syncdata=accesslog
                logbase="cn=log"
                logfilter="(&(objectclass=auditWriteObject)(reqResult=0))"

# Second consumer, identical to rid=111 except for the provider host; the
# same transport, credential and placement notes apply.
syncrepl        rid=222
                provider=ldap://mmam04.com
                binddn="cn=Manager,dc=example,dc=com"
                bindmethod=simple
                credentials=0m2013
                tls_cacert=/etc/openldap/cacerts/cacert.pem
                searchbase="dc=example,dc=com"
                type=refreshAndPersist
                retry="5 5 60 +"
                network-timeout=10
                timeout=10
        syncdata=accesslog
                logbase="cn=log"
                logfilter="(&(objectclass=auditWriteObject)(reqResult=0))"



# Accept client writes on this server even though it is also a syncrepl
# consumer.
# NOTE(review): these directives follow the "database mdb" line for cn=log, so
# mirrormode and the unique and ppolicy overlays would attach to the log
# database rather than to dc=example,dc=com - confirm the intended placement.
mirrormode true

# Reject writes that would give two entries the same mail value.
overlay unique
unique_attributes mail
# Password policy, with the default policy entry named below.
overlay ppolicy
ppolicy_default "cn=default,ou=pwdPolicy,dc=example,dc=com"
# Returns the AccountLocked code in the password policy response when a bind
# hits a locked account. This tells a client which accounts are locked;
# leave it off where that disclosure matters.
ppolicy_use_lockout






On Thu, Jan 17, 2013 at 1:51 AM, Quanah Gibson-Mount <quanah@zimbra.com> wrote:
--On Thursday, January 17, 2013 1:48 AM +0530 anil beniwal <beni.anil@gmail.com> wrote:


If i can't use multi master with refreshandpersist then why its given at
all.
i was able to get replication working with same configuration in other
testing environment, but with very less users 1m only.

I don't understand your statement/question.  Delta-Syncrepl MMR uses refresh and persist, and it is the best option to use for replication in OpenLDAP.  Particularly with multi-master replication.


--Quanah

--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration



--

Thanks&Regards
Anil Beniwal
+919891695048