Re: Replication monitoring

Andreas Andersson Mon, 31 Jan 2011 11:26:44 -0800

Hi!

I have checked the replication verification a little bit more.


First of all. I'm using 2.4.21 and you need to allow reading to both cn=monitor 
and cn=config. So using a monitoring user is important here.
My slapd.conf configuration:

# syncrepl Provider for primary db
overlay syncprov
syncprov-checkpoint 5 1

# syncrepl directive
syncrepl      rid=001
              provider=ldap://host2
              bindmethod=simple
              binddn="cn=Manager,dc=domain,dc=com"
              credentials=secret
              searchbase="dc=domain,dc=com"
              schemachecking=on
              type=refreshAndPersist
              retry="60 +"

mirrormode on

# enable monitoring
database monitor
# allow onlu rootdn to read the monitor
access to *
        by dn.exact="cn=CNMonitor User,dc=domain,dc=com" read
        by * none
# enable monitoring
database config
# allow onlu rootdn to read the monitor
access to *
        by dn.exact="cn=CNMonitor User,dc=domain,dc=com" read
        by * none

And the replication must update the contextCSN attribute. You can verify this 
by:
ldapsearch -x -h <host> -D "<monitoring user>" -W -s base -b "dc=domain,dc=com" 
contextCSN

In my example the result is:
dn: dc=domain,dc=com
contextCSN: 20100823161844.565867Z#000000#000#000000
contextCSN: 20100825160932.333710Z#000000#001#000000

Hope this helps.

So as long as you can retrieve this information using the same monitoring user 
as configured in CN=Monitor you should retrieve replication verification info.

Regards - Andreas

On Jan 26, 2011, at 10:30 PM, Peter Boosten wrote:

> 
> On 26 jan 2011, at 19:59, Peter Boosten wrote:
> 
>> 
>> On 26 jan 2011, at 19:32, Andreas Andersson wrote:
>> 
>>> How about replication verification? Can you confirm that its working?
>> 
>> 
>> Ok, looking at the screenshot you sent in your first email, replication 
>> settings don't seem to be recognized in my setup (you have an error below 
>> the selected server, showing the server whom is replicated to, but in my 
>> setup there's no such arrow, nor another server).
>> 
>> Any ideas?
>> 
> 
> After some testing there's actually more not working, for instance: the 
> collectsummary.php script doesn;t return any values (all 0), ut if I try the 
> ldapquery manually, it actually gives non-zero results:
> 
> ra% ldapsearch -x -D "cn=root,dc=boosten,dc=org" -W -b 
> "cn=operations,cn=monitor" -LLL '(cn=modify)' monitorOpCompleted
> Enter LDAP Password:
> dn: cn=Modify,cn=Operations,cn=Monitor
> monitorOpCompleted: 19
> 
> and from the cli log:
> 
> 0 ) modify - Summary Value: 0
> 0 ) modify - Value NOT Stored to db as it is empty
> 
> I'm on OpenLDAP 2.4.23, on FreeBSD.
> 
> -- 
> Peter Boosten
> http://www.boosten.org
> 
> 
>

Re: Replication monitoring

Reply via email to