Naufal Sheikh wrote:
Ok, I am using openldap 2.2.20 on both machines.
You should seriously consider upgrading since 2.2.x is historic since quite
a while. Historic means there is absolutely no support for this code base
anymore. Even no security fixes! Nada!
I have added replog attribute in the slapd.conf of my backup machine. I
switch off my production for maintainance, and swithc the backup on. AS
it has replog enabled it starts creating logs of the events, After
maintainance activity I ftp the replog to production and use ldapmodify
to apply those logs on production.
This is a very unusual approach. Note that ldapmodify is a normal DUA
(directory *user* agent).
ldap_modify: Constraint violation (19)
additional info: entryCSN: no user modification allowed
IF I edit my replog and remove all the stuff like
replace: lastModifiedTime
lastModifiedTime: 2008-03-24 12:27
-
replace: entryCSN
entryCSN: 20080324172725Z#000001#00#000000
These attributes are operational attributes not modifiable by a normal DUA.
Consider deploying a real replication mechanism (syncrepl preferred). There
are several modes available which should satisfy your particular needs.
http://www.openldap.org/doc/admin24/config.html#Replicated%20Directory%20Service
http://www.openldap.org/doc/admin24/replication.html
http://www.openldap.org/faq/data/cache/1170.html
Ciao, Michael.
