On mié, 2017-01-18 at 14:46 -0800, Quanah Gibson-Mount wrote: > Yes. If you have any entries still in the DB that have an entryCSN > from > your old provider, it will be a valid contextCSN value. If you want > that > contextCSN gone, you'll need to slapcat your database and modify the > LDIF > accordingly before re-importing. I assume that was serverID 006, you > would > want to find all instances of #006# and replace them with one of > #001#, > #004#, or #005# (so they are consistent) and then reload all servers. >
I can assume some downtime and be in safe place. My idea was to proceed as follows: - Take slapcat Backup of all DITs (including cn=config) - Remove any contextCSN attribute from the resulting LDIFs - Stop all 3 servers - Remove entirely the DBs on the servers - Do a slapadd of the previous LDIFs - Start servers again (so re-replicating again with new contextCSN, now corret). Should that work ? even for cn=config DB ? Also to further confuse a bit more the scenario, today I realized that a new contextCSN appeared: dn: dc=l3jane,dc=net contextCSN: 20170111084028.692133Z#000000#001#000000 contextCSN: 20170118224410.110554Z#000000#003#000000 contextCSN: 20161228225757.121969Z#000000#004#000000 contextCSN: 20160201102250.543748Z#000000#005#000000 contextCSN: 20150917152138.054326Z#000000#006#000000 Also the explanation that conextCSN attribute is = contextCSN#rid#sid#000000 seem not correct as I have rids 001, 002 and 003, and serverIds 1,2,3 so none of this matches with my results. As summary of my setup: olcServerID: 1 ldap://ender.l3jane.net olcServerID: 3 ldap://continuity.l3jane.net olcServerID: 2 ldap://mona.l3jane.net cn=config is replicated along 3 servers in mirror-mode, DB: olcSyncrepl: {0}rid=001 provider=ldap://ender.l3jane.net binddn="cn=Backup,ou=DSA,dc=l3jane,dc=net" bindmethod=simple credentials=X searchbase="cn=config" type=refreshAndPersist retry="10 6 600 +" timeout=2 olcSyncrepl: {1}rid=003 provider=ldap://continuity.l3jane.net binddn="cn=Backup,ou=DSA,dc=l3jane,dc=net" bindmethod=simple credentials=X searchbase="cn=config" type=refreshAndPersist retry="10 6 600 +" timeout=2 olcSyncrepl: {2}rid=002 provider=ldap://mona.l3jane.net binddn="cn=Backup,ou=DSA,dc=l3jane,dc=net" bindmethod=simple credentials=X searchbase="cn=config" type=refreshAndPersist retry="10 6 600 +" timeout=2 But I get this contextCSN values: dn: cn=config contextCSN: 20170111084531.247823Z#000000#001#000000 contextCSN: 20161230165409.486624Z#000000#003#000000 Si I'm missing one contextCSN? (there are 3 providers) ? Also for the other DIT dc=l3jane,dc=net: olcSyncrepl: {0}rid=001 provider=ldap://ender.l3jane.net binddn="cn=Backup,ou=DSA,dc=l3jane,dc=net" bindmethod=simple credentials=X searchbase="dc=l3jane,dc=net" type=refreshAndPersist retry="10 6 600 +" timeout=2 olcSyncrepl: {1}rid=002 provider=ldap://mona.l3jane.net binddn="cn=Backup,ou=DSA,dc=l3jane,dc=net" bindmethod=simple credentials=X searchbase="dc=l3jane,dc=net" type=refreshAndPersist retry="10 6 600 +" timeout=2 olcSyncrepl: {2}rid=003 provider=ldap://continuity.l3jane.net binddn="cn=Backup,ou=DSA,dc=l3jane,dc=net" bindmethod=simple credentials=X searchbase="dc=l3jane,dc=net" type=refreshAndPersist retry="10 6 600 +" timeout=2 But I get 5 contextCSNs: # ldapsearch -LLL -x -s base contextCSN dn: dc=l3jane,dc=net contextCSN: 20170111084028.692133Z#000000#001#000000 contextCSN: 20170118224410.110554Z#000000#003#000000 contextCSN: 20161228225757.121969Z#000000#004#000000 contextCSN: 20160201102250.543748Z#000000#005#000000 contextCSN: 20150917152138.054326Z#000000#006#000000 ???? Thanks much
