我目前正在使用 Ubuntu 10.04(我已经在 RHEL 5.x 上进行了设置,但 Ubuntu 中的配置方式不同)。
无论如何,起初我认为我一切正常。当我对 ldap01 进行更新时,我立即看到了 ldap02 的变化。但是,如果我在 ldap02(或 01)上删除 slapd 并将 LDAP 条目添加到 ldap01 中,然后将 ldap02 的 slapd 进程重新联机,我将永远看不到在 slapd 在 ldap02 上关闭时创建的条目。新条目继续在 ldap01 和 ldap02 之间传播,只要两个服务器都运行 slapd 进程,但是当 slapd 在 ldap02 上关闭时创建的条目永远不会传播到 02。
这是我的配置和 ldap 版本:
ii slapd 2.4.21-0ubuntu5.7 OpenLDAP 服务器 (slapd)
---- /etc/ldap/slapd.d/cn=config/olcDatabase={0}config.ldif -----
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 deacdc79
dn: olcDatabase={0}config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external
,cn=auth manage by * break
olcAccess: {1}to attrs=userPassword,shadowLastChange by self write by anonymou
s auth by dn="cn=admin,dc=example,dc=net" write by * none
olcAccess: {2}to * by self write by dn="cn=admin,dc=example,dc=net" write b
y * read
structuralObjectClass: olcDatabaseConfig
entryUUID: 19eb3cc6-3898-1031-954c-351a2fbb42e9
creatorsName: cn=config
createTimestamp: 20120522202605Z
olcSyncrepl: {0}rid=001 provider="ldap://ldap-01:389" type=refreshAndPer
sist retry="5 5 300 +" searchbase="cn=config" attrs="*,+" bindmethod=simple b
inddn="cn=admin,dc=example,dc=net" credentials="secret"
olcSyncrepl: {1}rid=002 provider="ldap://ldap-02:389" type=refreshAndPer
sist retry="5 5 300 +" searchbase="cn=config" attrs="*,+" bindmethod=simple b
inddn="cn=admin,dc=example,dc=net" credentials="secret"
olcMirrorMode: TRUE
entryCSN: 20120528195647.027315Z#000000#000#000000
modifiersName: cn=admin,dc=example,dc=net
modifyTimestamp: 20120528195647Z
---- /etc/ldap/slapd.d/cn=config/olcDatabase={0}config/olcOverlay={0}syncprov.ldif ----
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 807029fa
dn: olcOverlay={0}syncprov
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpNoPresent: TRUE
structuralObjectClass: olcSyncProvConfig
entryUUID: 3be00cb6-3dee-1031-8f60-519aa1b6f74f
creatorsName: cn=admin,dc=example,dc=net
createTimestamp: 20120529152514Z
entryCSN: 20120529152514.987191Z#000000#000#000000
modifiersName: cn=admin,dc=example,dc=net
modifyTimestamp: 20120529152514Z
---- /etc/ldap/slapd.d/cn=config/olcDatabase={1}hdb.ldif ----
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 1b0a3130
dn: olcDatabase={1}hdb
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=example,dc=net
olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymou
s auth by dn="cn=admin,dc=example,dc=net" write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by self write by dn="cn=admin,dc=example,dc=net" write b
y * read
olcLastMod: TRUE
olcRootDN: cn=admin,dc=example,dc=net
olcRootPW:: e1NTSEF9Ni9IZWJCczRTbmJQYlc4NHFOMWxHWUI5NVNoVUl4U20=
olcDbCheckpoint: 512 30
olcDbConfig: {0}set_cachesize 0 2097152 0
olcDbConfig: {1}set_lk_max_objects 1500
olcDbConfig: {2}set_lk_max_locks 1500
olcDbConfig: {3}set_lk_max_lockers 1500
olcDbIndex: objectClass eq
structuralObjectClass: olcHdbConfig
entryUUID: 19ebfdc8-3898-1031-9554-351a2fbb42e9
creatorsName: cn=config
createTimestamp: 20120522202605Z
olcSyncrepl: {0}rid=001 provider="ldap://ldap-01:389" type=refreshAndPer
sist retry="5 5 300 +" searchbase="dc=example,dc=net" attrs="*,+" bindmeth
od=simple binddn="cn=admin,dc=example,dc=net" credentials="secret"
olcSyncrepl: {1}rid=002 provider="ldap://ldap-02:389" type=refreshAndPer
sist retry="5 5 300 +" searchbase="dc=example,dc=net" attrs="*,+" bindmeth
od=simple binddn="cn=admin,dc=example,dc=net" credentials="secret"
olcMirrorMode: TRUE
entryCSN: 20120528195647.026244Z#000000#000#000000
modifiersName: cn=admin,dc=example,dc=net
modifyTimestamp: 20120528195647Z
----- /etc/ldap/slapd.d/cn=config/olcDatabase={1}hdb/olcOverlay={0}syncprov.ldif ----
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 807029fa
dn: olcOverlay={0}syncprov
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpNoPresent: TRUE
structuralObjectClass: olcSyncProvConfig
entryUUID: 3be00cb6-3dee-1031-8f60-519aa1b6f74f
creatorsName: cn=admin,dc=example,dc=net
createTimestamp: 20120529152514Z
entryCSN: 20120529152514.987191Z#000000#000#000000
modifiersName: cn=admin,dc=example,dc=net
modifyTimestamp: 20120529152514Z