On 02/03/22 20:29, Michael Ströder wrote:
On 3/2/22 11:49, Francesco Malvezzi wrote:
on a consumer I spotted a zombie entry which was deleted on provider.
Which OpenLDAP version are you using?
consumer: openldap-2.5.6
provider: openldap-2.4.56
Replication is syncrepl:
olcSyncrepl: {0}rid=003 provider=ldap://ldap-master.example.org
binddn="cn=repluser,ou=agents,dc=example,dc=org" bindmethod=simple
credentials="secret" searchbase="ou=people,dc=example,dc=org"
type=refreshOnly interval=00:00:01:00 retry="5 5 30 +" timeout=1
scope=sub schemachecking=on exattrs=sambaHomeDrive sizelimit=100000
timelimit=7200 starttls=yes filter="....."
I cannot really tell what's going on in your deployment.
got it: the procedure is fine but the environment is broken.
I stopped slapd, deleted the mdb files, restarted slapd and in an
acceptable time the users have been all re-synced with all zombies
dropped. It is not elegant at all, so I need to investigate the deployment.
But I wonder why you added sizelimit= to the syncrepl directive. Do you
really have less than 100000 entries?
yes, the example.edu userbase is really this small (67k users more or
less). Anyhow I removed the sizelimit, even if I think it would hurt me
in the other way (banning users from showing up, not from being removed),
Ciao, Michael.
thank you so much for your time,
Francesco
