'Re: Replication Broke'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openldap-technical
Subject:    Re: Replication Broke
From:       Daniel Howard <dannyman () toldme ! com>
Date:       2018-01-13 0:47:06
Message-ID: CAKU=tE8vD46aeHpuT=KUQFLweK9uViqj901FhZTYwsBT8tyf6w () mail ! gmail ! com
[Download RAW message or body]

["attachment.htm" (text/html)]

<div dir="ltr"><div class="gmail_default" style="font-family:georgia,serif">Followup: \
I had added a ppolicy module to Master but not to Consumer. Thus the message about \
pwdChangeTime. Adding the module to consumer fixed replication.</div><div \
class="gmail_default" style="font-family:georgia,serif"><br></div><div \
class="gmail_default" style="font-family:georgia,serif">-danny</div></div><div \
class="gmail_extra"><br><div class="gmail_quote">On Fri, Jan 12, 2018 at 4:33 PM, \
Daniel Howard <span dir="ltr">&lt;<a href="mailto:dannyman@toldme.com" \
target="_blank">dannyman@toldme.com</a>&gt;</span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div dir="ltr"><div class="gmail_default"><div \
class="gmail_default"><font face="georgia, serif">Hello,</font></div><div \
class="gmail_default"><font face="georgia, serif"><br></font></div><div \
class="gmail_default"><font face="georgia, serif">He have OpenLDAP replication set up \
based on the docs at <a \
href="https://help.ubuntu.com/lts/serverguide/openldap-server.html#openldap-server-replication" \
target="_blank">https://help.ubuntu.com/lts/<wbr>serverguide/openldap-server.<wbr>html#openldap-server-<wbr>replication</a></font></div><div \
class="gmail_default"><font face="georgia, serif"><br></font></div><div \
class="gmail_default"><font face="georgia, serif">I noticed recently a symptom, \
whereby a new user exists only on the primary.</font></div><div \
class="gmail_default"><font face="georgia, serif"><br></font></div><div \
class="gmail_default"><font face="georgia, serif">So, I started to \
debug:</font></div><div class="gmail_default"><font face="georgia, \
serif"><br></font></div><div class="gmail_default"><font face="georgia, \
serif">Master: (ldap0)</font></div><div class="gmail_default"><font face="georgia, \
serif"><br></font></div><div class="gmail_default"><font face="georgia, \
serif">0-16:23 djh@ldap0 ~$ ldapsearch -z1 -LLLQY EXTERNAL -H ldapi:/// -s base -b \
dc=qxxxxxxxxd,dc=com contextCSN</font></div><div class="gmail_default"><font \
face="georgia, serif">dn: dc=qxxxxxxxxd,dc=com</font></div><div \
class="gmail_default"><font face="georgia, serif">contextCSN: \
20180113002606.399160Z#000000#<wbr>000#000000</font></div><div \
class="gmail_default"><font face="georgia, serif"><br></font></div><div \
class="gmail_default"><font face="georgia, serif">Consumer: (ldap1)</font></div><div \
class="gmail_default"><font face="georgia, serif"><br></font></div><div \
class="gmail_default"><font face="georgia, serif">0-16:23 djh@ldap1 ~$ ldapsearch -z1 \
-LLLQY EXTERNAL -H ldapi:/// -s base -b dc=qxxxxxxxxd,dc=com \
contextCSN</font></div><div class="gmail_default"><font face="georgia, serif">dn: \
dc=qxxxxxxxxd,dc=com</font></div><div class="gmail_default"><font face="georgia, \
serif">contextCSN: 20171121212631.416502Z#000000#<wbr>000#000000</font></div><div \
class="gmail_default"><font face="georgia, serif"><br></font></div><div \
class="gmail_default"><font face="georgia, serif">Ooohhh, my!</font></div><div \
class="gmail_default"><font face="georgia, serif"><br></font></div><div \
class="gmail_default"><font face="georgia, serif">I have a lot of messages like this \
on the consumer:</font></div><div class="gmail_default"><font face="georgia, \
serif"><br></font></div><div class="gmail_default"><font face="georgia, serif">Jan 12 \
16:28:55 ldap1 slapd[5383]: syncrepl_message_to_entry: rid=317 DN: \
uid=djh,ou=People,dc=<wbr>qxxxxxxxxd,dc=com, UUID: \
29f7fc06-7c2a-1035-83e5-<wbr>9d6082b37970</font></div><div \
class="gmail_default"><font face="georgia, serif">Jan 12 16:28:55 ldap1 slapd[5383]: \
syncrepl_entry: rid=317 LDAP_RES_SEARCH_ENTRY(LDAP_<wbr>SYNC_ADD)</font></div><div \
class="gmail_default"><font face="georgia, serif">Jan 12 16:28:55 ldap1 slapd[5383]: \
syncrepl_entry: rid=317 inserted UUID \
29f7fc06-7c2a-1035-83e5-<wbr>9d6082b37970</font></div><div \
class="gmail_default"><font face="georgia, serif">Jan 12 16:28:55 ldap1 slapd[5383]: \
dn_callback : entries have identical CSN uid=djh,ou=People,dc=<wbr>qxxxxxxxxd,dc=com \
20180113002133.183992Z#000000#<wbr>000#000000</font></div><div \
class="gmail_default"><font face="georgia, serif">Jan 12 16:28:55 ldap1 slapd[5383]: \
syncrepl_entry: rid=317 be_search (0)</font></div><div class="gmail_default"><font \
face="georgia, serif">Jan 12 16:28:55 ldap1 slapd[5383]: syncrepl_entry: rid=317 \
uid=djh,ou=People,dc=<wbr>qxxxxxxxxd,dc=com</font></div><div \
class="gmail_default"><font face="georgia, serif">Jan 12 16:28:55 ldap1 slapd[5383]: \
syncrepl_entry: rid=317 entry unchanged, ignored \
(uid=djh,ou=People,dc=<wbr>qxxxxxxxxd,dc=com)</font></div><div \
class="gmail_default"><font face="georgia, serif">Jan 12 16:28:55 ldap1 slapd[5383]: \
syncrepl_message_to_entry: rid=317 DN: uid=john,ou=People,dc=<wbr>qxxxxxxxxd,dc=com, \
UUID: ddaae880-7c2f-1035-83ed-<wbr>9d6082b37970</font></div><div \
class="gmail_default"><font face="georgia, serif">Jan 12 16:28:55 ldap1 slapd[5383]: \
syncrepl_message_to_entry: rid=317 mods check (pwdChangedTime: attribute type \
undefined)</font></div><div class="gmail_default"><font face="georgia, serif">Jan 12 \
16:28:55 ldap1 slapd[5383]: do_syncrepl: rid=317 rc 17 retrying</font></div><div \
class="gmail_default"><font face="georgia, serif"><br></font></div><div \
class="gmail_default"><font face="georgia, serif">What is funny is I can, for \
example, change the loginshell on my account, and that replicates.</font></div><div \
class="gmail_default"><font face="georgia, serif"><br></font></div><div \
class="gmail_default"><font face="georgia, serif">Is the latter message about \
</font><font face="monospace">pwdChangedTime a clue that maybe I had a schema change \
on Master that hasn&#39;t been applied to Consumer?</font></div><div \
class="gmail_default"><font face="georgia, serif"><br></font></div><div \
class="gmail_default"><font face="georgia, serif">Please advise on where to look \
next? Thanks!</font></div><div class="gmail_default"><font face="georgia, \
serif"><br></font></div><div class="gmail_default"><font face="georgia, \
serif">-danny</font></div><span class="HOEnZb"><font color="#888888"><div \
style="font-family:georgia,serif"><br></div></font></span></div><span \
class="HOEnZb"><font color="#888888">-- <br><div \
class="m_-6429140704745937224gmail_signature"><a href="http://dannyman.toldme.com" \
target="_blank">http://dannyman.toldme.com</a></div> </font></span></div>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div \
class="gmail_signature" data-smartmail="gmail_signature"><a \
href="http://dannyman.toldme.com" \
target="_blank">http://dannyman.toldme.com</a></div> </div>



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic