Hello,
I've configured 2 ldap servers (2.4.21, from ubuntu 10.04 package) in a
master-master configuration. The configuration I have is:

    {0}rid=004 provider=ldap://ldap1.mydomain.com binddn="<replicauser>"
      bindmethod=simple credentials=<replicapass> searchbase="<dc=mydomain>"
      type=refreshOnly interval=00:00:00:10 retry="5 5 300 +" timeout=1
    {1}rid=005 provider=ldap://ldap2.mydomain.com binddn="<replicauser>"
      bindmethod=simple credentials=<replicapass> searchbase="<dc=mydomain>"
      type=refreshOnly interval=00:00:00:10 retry="5 5 300 +" timeout=1

I have an olcAccess like:

    {3}to dn.subtree=<dc=mydomain>
      by group.exact=<admingroup> manage
      ...
      by * none break

The replica user belongs to group <admingroup>, so it has complete access
to the directory.
I also have a limit like:

    {1}group=<admingroup> time.soft=unlimited time.hard=unlimited
      size.soft=unlimited size.hard=unlimited

so it has no limits.
The problem is that I'm loading the directory with a lot of entries
(about 109000). After the whole load process (I've done it on ldap2, with
ldapadd commands) I have all the entries in ldap2, but I have a few fewer
in ldap1 (about 107000).
How could I debug the problem?
Later I tried removing from ldap2 an entry that isn't on ldap1 and
then adding it again, and the replication was done, so I don't
know why it wasn't replicated the first time.
--
Angel L. Mateo Martínez
Sección de Telemática
Área de Tecnologías de la Información
y las Comunicaciones Aplicadas (ATICA)
http://www.um.es/atica
Tel: 868887590
Fax: 868888337
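
An added example, not part of the original message: a small Python parser for the olcSyncrepl values quoted above. It decodes the interval and retry settings and flags a simple bind sent over ldap:// without the starttls parameter. The bind DN and password in the sample are constructed stand-ins for the post's placeholders, and the function names are this example's own.

```python
import re
import shlex

# Constructed sample: the first olcSyncrepl value from the post, with its
# <placeholders> replaced by made-up values so the line can be parsed.
SAMPLE = ('{0}rid=004 provider=ldap://ldap1.mydomain.com '
          'binddn="cn=replica,dc=mydomain" bindmethod=simple '
          'credentials=example-secret searchbase="dc=mydomain" '
          'type=refreshOnly interval=00:00:00:10 retry="5 5 300 +" timeout=1')

def parse_syncrepl(value):
    """Split one olcSyncrepl value into a dict of its key=value parameters."""
    value = re.sub(r'^\{\d+\}', '', value)  # drop the {n} ordering prefix
    return dict(tok.split('=', 1) for tok in shlex.split(value))

def interval_seconds(interval):
    """Convert the dd:hh:mm:ss refreshOnly polling interval to seconds."""
    d, h, m, s = (int(x) for x in interval.split(':'))
    return ((d * 24 + h) * 60 + m) * 60 + s

def retry_schedule(retry):
    """Return (wait_seconds, attempts) pairs; attempts is None for '+' (forever)."""
    f = retry.split()
    return [(int(f[i]), None if f[i + 1] == '+' else int(f[i + 1]))
            for i in range(0, len(f), 2)]

def audit(value):
    """Parse one consumer definition and return (params, findings)."""
    p = parse_syncrepl(value)
    findings = []
    # A simple bind sends the password itself; over plain ldap:// with no
    # StartTLS requested, nothing encrypts it on the wire.
    if (p.get('provider', '').startswith('ldap://')
            and p.get('bindmethod') == 'simple' and 'starttls' not in p):
        findings.append('simple bind over ldap:// without starttls: '
                        'replication credentials cross the network unencrypted')
    if p.get('type') == 'refreshOnly':
        findings.append('polls every %d s' % interval_seconds(p['interval']))
    return p, findings

if __name__ == '__main__':
    params, findings = audit(SAMPLE)
    print(retry_schedule(params['retry']))
    for line in findings:
        print('-', line)
```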