What's wrong with OpenLDAP replication?
Good afternoon! There are two servers on CentOS 7, both running OpenLDAP. They were set up from here. The server names are Main and reserv. Replication between them was configured from here.
Synchronization worked and LDAP was left alone. Along the way, mail and Asterisk were tied to LDAP. Two LDIF schemas (asterisk and postfix-book) were added. Master-slave synchronization stopped working. At first I thought that schemas were missing. I added the schemas, but the problem was not solved. I looked in the log and there:
сен 03 12:25:09 reserv slapd[3031]: <= bdb_equality_candidates: (entryUUID) not indexed
сен 03 12:25:09 reserv slapd[3031]: syncrepl_message_to_entry: rid=001 mods check (objectClass: value #5 invalid per syntax)
сен 03 12:25:09 reserv slapd[3031]: do_syncrepl: rid=001 rc 21 retrying (2 retries left)
dn: olcDatabase={2}hdb
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {2}hdb
olcDbDirectory: /var/lib/ldap
olcDbIndex: objectClass eq,pres
olcDbIndex: ou,cn,mail,surname,givenname eq,pres,sub
structuralObjectClass: olcHdbConfig
entryUUID: 43d5a1b4-bd94-1034-897a-d9f076da28a8
creatorsName: cn=config
createTimestamp: 20150713101835Z
olcSuffix: dc=server,dc=com
olcRootDN: cn=Manager,dc=server,dc=com
olcRootPW:: severt
olcAccess: наши правила
olcSyncrepl: {0}rid=001 provider=ldaps://main:636 bindmethod=simple binddn="cn=Manager,dc=server,dc=com" credentials=pass searchbase="dc=server,dc=com" scope=sub schemachecking=on type=refreshAndPersist retry="30 5 300 3" interval=00:00:01:00
entryCSN: 20150903060851.594625Z#000000#000#000000
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20150903060851Z
dn: olcDatabase={2}hdb
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {2}hdb
olcDbDirectory: /var/lib/ldap
olcDbIndex: objectClass eq,pres
olcDbIndex: ou,cn,mail,surname,givenname eq,pres,sub
structuralObjectClass: olcHdbConfig
entryUUID: 27e029ea-aab4-1034-8f66-eba4220ad090
creatorsName: cn=config
createTimestamp: 20150619094900Z
olcRootPW:: pass
olcSuffix: dc=server,dc=com
olcRootDN: cn=Manager,dc=server,dc=com
наши правила
entryCSN: 20150714110803.738973Z#000000#000#000000
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20150714110803Z
The error was that an extra schema had been added to the master server. After adding the schema to the slaves, the problem was solved!
By the way, a small comment:
objectClass: is the LDAP schema
value #5 invalid per syntax: this is the number under which the schema itself is located in the /etc/openldap/slapd.d/cn=config/cn=schema directory
I'm not very good at this myself; what could the syntax error be in this part:
rid=001 mods check (objectClass: value #5 invalid per syntax)
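The accepted fix above (a schema present on the master but missing on the slave) can be checked before replication breaks by comparing the contents of the cn=schema directory on both servers. The script below is an added example, not code from the thread; the file names and the sample listings are constructed, and it compares schema names only, not their contents.

```shell
#!/bin/sh
# Added example (not from the original thread).
export LC_ALL=C   # same collation for sort and comm

# Reduce a listing of cn=schema to bare schema names: drop the "cn={N}"
# ordering prefix and ".ldif" suffix, so a schema loaded at a different
# index on each server still compares equal.
schema_names() {
    sed -n 's/^cn={[0-9][0-9]*}\(.*\)\.ldif$/\1/p' "$1" | sort -u
}

# Print schemas present in listing $1 (provider) but absent from $2 (consumer).
missing_on_consumer() {
    p=$(mktemp) || return 2
    c=$(mktemp) || { rm -f "$p"; return 2; }
    schema_names "$1" > "$p"
    schema_names "$2" > "$c"
    comm -23 "$p" "$c"
    rm -f "$p" "$c"
}

# Constructed sample listings; on real hosts capture them with
#   ls '/etc/openldap/slapd.d/cn=config/cn=schema'
demo() {
    d=$(mktemp -d) || return 2
    cat > "$d/main.txt" <<'EOF'
cn={0}core.ldif
cn={1}cosine.ldif
cn={2}nis.ldif
cn={3}inetorgperson.ldif
cn={4}asterisk.ldif
cn={5}postfix-book.ldif
EOF
    cat > "$d/reserv.txt" <<'EOF'
cn={0}core.ldif
cn={1}cosine.ldif
cn={2}inetorgperson.ldif
cn={3}nis.ldif
EOF
    missing_on_consumer "$d/main.txt" "$d/reserv.txt"
    rm -rf "$d"
}

demo   # prints the schemas the consumer still needs
```

Any name it prints is an objectClass source the consumer cannot validate while schemachecking=on is set in olcSyncrepl, which is the situation the rc 21 retry loop in the log reflects.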