We have 4 openldap servers, 1 and 2 are masters with mirror mode., 3
and 4 are slaves. 3 and 4 sometimes get out of sync with masters. But
a few minutes or a few hours later, it can get synced again with some
"random" events. The reason I call it "random" because I could not
find any patter yet. This happens almost every day.
What I found is 3 and 4 (consumer) sometime get newer entryCSN than 1
and 2 (provider)
for example
on 1 and 2
entryCSN: 20130115190406.091431Z#000000#001#000000
on 3 and 4
entryCSN: 20130116183923.969790Z#000000#000#000000
I have confirmed that with the following syncrepl config, we can not
update entry on 3 or 4 directly. (ldap_modify: Server is unwilling to
perform (53)
additional info: shadow context; no update referral). So that exclude
the possibility 3 and 4 get updated directly from ldap client.
Any direction?
Thanks
Frank
Attachment: sync config portion
#server 1
serverID 1
syncrepl rid=001
provider=ldap://s2.domain.com
bindmethod=simple
binddn="cn=Manager,dc=domain,dc=com"
credentials=xxxxxxx
searchbase="dc=domain,dc=com"
schemachecking=on
type=refreshAndPersist
retry="60 +"
mirrormode on
#server 2
serverID 2
syncrepl rid=002
provider=ldap://s1.domain.com
bindmethod=simple
binddn="cn=Manager,dc=domain,dc=com"
credentials=xxxxxxx
searchbase="dc=domain,dc=com"
schemachecking=on
type=refreshAndPersist
retry="60 +"
mirrormode on
#server 3
syncrepl rid=003
provider=ldap://ldaptm.domain.com
bindmethod=simple
binddn="cn=Manager,dc=domain,dc=com"
credentials=xxxxxxx
searchbase="dc=domain,dc=com"
schemachecking=on
type=refreshAndPersist
retry="60 +"
#server 4
syncrepl rid=004
provider=ldap://ldaptm.domain.com
bindmethod=simple
binddn="cn=Manager,dc=domain,dc=com"
credentials=xxxxxxx
searchbase="dc=domain,dc=com"
schemachecking=on
type=refreshAndPersist
retry="60 +"
As you noticed, ldaptm.domain.com is a virtual service on load
balancer with server 1 and 2 behind
