On Thu, Jun 28, 2012 at 2:09 AM, Todd Stein <[email protected]> wrote:
> Hi,
>
> I have a provider server and five consumer servers, all of which have the
> memberOf overlay configured:
>
> overlay memberof
> memberof-group-oc groupOfUniqueNames
> memberof-member-ad uniqueMember
> memberof-refint true
> memberof-dangling ignore
>
> syncrepl rid=005
>   provider=ldap://<server>:389
>   type=refreshAndPersist
>   interval=00:00:05:00
>   retry="60 10 600 +"
>   searchbase="dc=<removed>,dc=<removed>"
>   filter="(objectClass=*)"
>   scope=sub
>   attrs="*"
>   schemachecking=off
>   starttls=no
>   bindmethod=simple
>   binddn="cn=replica,dc=<removed>,dc=<removed>"
>   credentials=<removed>
>
> When I bring a new replica online, it appears that entries are replicated
> in the order that they were created on the provider server which produces
> many "memberof_value_modify failed err=32" messages in the log, and
> incomplete memberOf data. To get around this, I wrote a script which
> empties all groups prior to replication, and then recreates the memberships
> after the initial replication. This seems to work, but is hardly ideal. Is
> there a "more correct" way of replicating memberOf values without
> manipulating my provider each time I bring up a new consumer?
>

I'm facing the same problem with OpenLDAP 2.4.33.
Does anyone have any idea on how to deal with this problem?

Thanks in advance
Marco
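
Added example, not part of the original thread: a way to measure the "incomplete memberOf data" described above on a freshly synced consumer, which matters wherever memberOf drives authorization decisions. It assumes an LDIF export that includes memberOf (for example slapcat output, or an ldapsearch that explicitly requests memberOf), groupOfUniqueNames/uniqueMember as in the quoted configuration, and a simplified DN normalization; the function names and the dc=example,dc=com sample are constructed.

```python
# Added example (not from the thread): audit memberOf completeness on a consumer.
from collections import defaultdict

# Constructed sample export; dc=example,dc=com and every entry are made up.
SAMPLE = """\
dn: uid=alice,ou=people,dc=example,dc=com
objectClass: inetOrgPerson
memberOf: cn=admins,ou=groups,dc=example,dc=com

dn: uid=bob,ou=people,dc=example,dc=com
objectClass: inetOrgPerson

dn: cn=admins,ou=groups,dc=example,dc=com
objectClass: groupOfUniqueNames
uniqueMember: uid=alice,ou=people,dc=example,dc=com
uniqueMember: UID=bob, ou=people,dc=example,dc=com
uniqueMember: uid=carol,ou=people,dc=example,dc=com
"""

def norm(dn):
    # Simplified DN normalization (assumption): lowercase, trim spaces around commas.
    return ",".join(part.strip() for part in dn.lower().split(","))

def parse_ldif(text):
    # Unfold continuation lines, then build {normalized_dn: {attr: [values]}}.
    # Base64 ("attr:: ") values are not decoded; entries with such a dn are skipped.
    entries = {}
    for block in text.replace("\n ", "").strip().split("\n\n"):
        attrs = defaultdict(list)
        for line in block.splitlines():
            if not line.startswith("#") and ": " in line:
                name, value = line.split(": ", 1)
                attrs[name.lower()].append(value.strip())
        if attrs.get("dn"):
            entries[norm(attrs["dn"][0])] = attrs
    return entries

def missing_memberof(entries):
    # (member_dn, group_dn) pairs where the group lists the member but the
    # member entry exists without the matching memberOf value.
    missing = []
    for gdn, attrs in entries.items():
        if "groupofuniquenames" not in (v.lower() for v in attrs.get("objectclass", [])):
            continue
        for mdn in map(norm, attrs.get("uniquemember", [])):
            member = entries.get(mdn)
            if member is None:
                continue  # dangling member, skipped as with memberof-dangling ignore
            if gdn not in {norm(v) for v in member.get("memberof", [])}:
                missing.append((mdn, gdn))
    return sorted(missing)
```

Calling missing_memberof(parse_ldif(text)) on a consumer export returns an empty list when every existing group member carries the matching memberOf value.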
