Re: replication from child to Parent domain

owen nirvana Tue, 17 Aug 2010 23:53:00 -0700

parent is customer
"""
suffix          "dc=SCNCA,dc=ROOTCA"
rootdn        "cn=admin,dc=SCNCA,dc=ROOTCA"
rootpw        secret


checkpoint      512 30

overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

ServerID 000

syncrepl rid=001
        provider=ldap://${SON_LDAP_ADDRESS}:${SON_LDAP_PORT}
        type=refreshOnly
# five minutes, you should do syncrepl once a day in practice
        interval=00:01:00:00
        searchbase="${SON_BASE}"
        filter="(objectClass=*)"
        scope=sub
        schemachecking=off
        bindmethod=simple
        binddn="${SON_ADMIN}"
        credentials=${SON_PASSWD}
        retry="5 5 300 +"

mirrormode on

"""

son is provider
"""
suffix          "dc=sonCA,dc=SCNCA,dc=ROOTCA"
rootdn        "cn=admin,dc=sonCA,dc=SCNCA,dc=ROOTCA"
rootpw        secret

checkpoint      512 30

overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

ServerID 001
"""

and son's log is

"""
<<< dnPrettyNormal: <dc=sonca,dc=scnca,dc=rootca>,
<dc=sonca,dc=scnca,dc=rootca>
SRCH "dc=sonca,dc=scnca,dc=rootca" 2 0    0 0 0
ber_scanf fmt (m) ber:
ber_dump: buf=010E1060 ptr=010E109C end=010E1136 len=154
  0000:  87 0b 6f 62 6a 65 63 74  43 6c 61 73 73 30 06 04
..objectClass0..
  0010:  01 2a 04 01 2b a0 81 82  30 62 04 18 31 2e 33 2e
.*..+...0b..1.3.
  0020:  36 2e 31 2e 34 2e 31 2e  34 32 30 33 2e 31 2e 39
6.1.4.1.4203.1.9
  0030:  2e 31 2e 31 04 46 30 44  0a 01 01 04 3c 72 69 64
.1.1.F0D....<rid
  0040:  3d 30 30 31 2c 73 69 64  3d 30 30 30 2c 63 73 6e
=001,sid=000,csn
  0050:  3d 32 30 31 30 30 38 31  33 30 37 34 38 34 36 2e
=20100813074846.
  0060:  34 35 37 32 37 39 5a 23  30 30 30 30 30 30 23 30
457279Z#000000#0
  0070:  30 30 23 30 30 30 30 30  30 01 01 ff 30 1c 04 17
00#000000...0...
  0080:  32 2e 31 36 2e 38 34 30  2e 31 2e 31 31 33 37 33
2.16.840.1.11373
  0090:  30 2e 33 2e 34 2e 32 01  01 ff
0.3.4.2...
    filter: (objectClass=*)
ber_scanf fmt ({M}}) ber:
ber_dump: buf=010E1060 ptr=010E10A9 end=010E1136 len=141
  0000:  00 06 04 01 2a 04 01 2b  a0 81 82 30 62 04 18 31
....*..+...0b..1
  0010:  2e 33 2e 36 2e 31 2e 34  2e 31 2e 34 32 30 33 2e
.3.6.1.4.1.4203.
  0020:  31 2e 39 2e 31 2e 31 04  46 30 44 0a 01 01 04 3c
1.9.1.1.F0D....<
  0030:  72 69 64 3d 30 30 31 2c  73 69 64 3d 30 30 30 2c
rid=001,sid=000,
  0040:  63 73 6e 3d 32 30 31 30  30 38 31 33 30 37 34 38
csn=201008130748
  0050:  34 36 2e 34 35 37 32 37  39 5a 23 30 30 30 30 30
46.457279Z#00000
  0060:  30 23 30 30 30 23 30 30  30 30 30 30 01 01 ff 30
0#000#000000...0
  0070:  1c 04 17 32 2e 31 36 2e  38 34 30 2e 31 2e 31 31
...2.16.840.1.11
  0080:  33 37 33 30 2e 33 2e 34  2e 32 01 01 ff
3730.3.4.2...
=> get_ctrls
ber_scanf fmt ({m) ber:
ber_dump: buf=010E1060 ptr=010E10B4 end=010E1136 len=130
  0000:  30 62 04 18 31 2e 33 2e  36 2e 31 2e 34 2e 31 2e
0b..1.3.6.1.4.1.
  0010:  34 32 30 33 2e 31 2e 39  2e 31 2e 31 04 46 30 44
4203.1.9.1.1.F0D
  0020:  0a 01 01 04 3c 72 69 64  3d 30 30 31 2c 73 69 64
....<rid=001,sid
  0030:  3d 30 30 30 2c 63 73 6e  3d 32 30 31 30 30 38 31
=000,csn=2010081
  0040:  33 30 37 34 38 34 36 2e  34 35 37 32 37 39 5a 23
3074846.457279Z#
  0050:  30 30 30 30 30 30 23 30  30 30 23 30 30 30 30 30
000000#000#00000
  0060:  30 01 01 ff 30 1c 04 17  32 2e 31 36 2e 38 34 30
0...0...2.16.840
  0070:  2e 31 2e 31 31 33 37 33  30 2e 33 2e 34 2e 32 01
.1.113730.3.4.2.
  0080:  01 ff
..
ber_scanf fmt (m) ber:
ber_dump: buf=010E1060 ptr=010E10D0 end=010E1136 len=102
  0000:  00 46 30 44 0a 01 01 04  3c 72 69 64 3d 30 30 31
.F0D....<rid=001
  0010:  2c 73 69 64 3d 30 30 30  2c 63 73 6e 3d 32 30 31
,sid=000,csn=201
  0020:  30 30 38 31 33 30 37 34  38 34 36 2e 34 35 37 32
00813074846.4572
  0030:  37 39 5a 23 30 30 30 30  30 30 23 30 30 30 23 30
79Z#000000#000#0
  0040:  30 30 30 30 30 01 01 ff  30 1c 04 17 32 2e 31 36
00000...0...2.16
  0050:  2e 38 34 30 2e 31 2e 31  31 33 37 33 30 2e 33 2e
.840.1.113730.3.
  0060:  34 2e 32 01 01 ff
4.2...
=> get_ctrls: oid="1.3.6.1.4.1.4203.1.9.1.1" (noncritical)
ber_scanf fmt ({i) ber:
ber_dump: buf=010E10D2 ptr=010E10D2 end=010E1118 len=70
  0000:  30 44 0a 01 01 04 3c 72  69 64 3d 30 30 31 2c 73
0D....<rid=001,s
  0010:  69 64 3d 30 30 30 2c 63  73 6e 3d 32 30 31 30 30
id=000,csn=20100
  0020:  38 31 33 30 37 34 38 34  36 2e 34 35 37 32 37 39
813074846.457279
  0030:  5a 23 30 30 30 30 30 30  23 30 30 30 23 30 30 30
Z#000000#000#000
  0040:  30 30 30 01 01 ff
000...
ber_scanf fmt (m) ber:
ber_dump: buf=010E10D2 ptr=010E10D7 end=010E1118 len=65
  0000:  04 3c 72 69 64 3d 30 30  31 2c 73 69 64 3d 30 30
.<rid=001,sid=00
  0010:  30 2c 63 73 6e 3d 32 30  31 30 30 38 31 33 30 37
0,csn=2010081307
  0020:  34 38 34 36 2e 34 35 37  32 37 39 5a 23 30 30 30
4846.457279Z#000
  0030:  30 30 30 23 30 30 30 23  30 30 30 30 30 30 01 01
000#000#000000..
  0040:  ff
.
ber_scanf fmt (b) ber:
ber_dump: buf=010E10D2 ptr=010E1115 end=010E1118 len=3
  0000:  00 01 ff
...
ber_scanf fmt (}) ber:
ber_dump: buf=010E10D2 ptr=010E1118 end=010E1118 len=0

ber_scanf fmt ({m) ber:
ber_dump: buf=010E1060 ptr=010E1118 end=010E1136 len=30
  0000:  00 1c 04 17 32 2e 31 36  2e 38 34 30 2e 31 2e 31
....2.16.840.1.1
  0010:  31 33 37 33 30 2e 33 2e  34 2e 32 01 01 ff
13730.3.4.2...
ber_scanf fmt (b) ber:
ber_dump: buf=010E1060 ptr=010E1133 end=010E1136 len=3
  0000:  00 01 ff
...
=> get_ctrls: oid="2.16.840.1.113730.3.4.2" (critical)
<= get_ctrls: n=2 rc=0 err=""
    attrs: * +
send_ldap_result: conn=1001 op=1 p=3
send_ldap_result: err=0 matched="" text=""
send_ldap_response: msgid=2 tag=101 err=0
ber_flush2: 14 bytes to sd 2984
  0000:  30 0c 02 01 02 65 07 0a  01 00 04 00 04 00
0....e........
ldap_write: want=14, written=14
  0000:  30 0c 02 01 02 65 07 0a  01 00 04 00 04 00
0....e........
daemon: activity on 5 descriptors
daemon: activity on: 4r
daemon: read activity on 4
daemon: WSselect: listen=2 active_threads=0 tvp=zero
connection_get(4)
daemon: WSselect: listen=3 active_threads=0 tvp=zero
connection_get(4): got connid=1001
connection_read(4): checking for input on id=1001
ber_get_next
ldap_read: want=8, got=7
  0000:  30 05 02 01 03 42 00
0....B.
ber_get_next: tag 0x30 len 5 contents:
ber_dump: buf=013E5460 ptr=013E5460 end=013E5465 len=5
  0000:  02 01 03 42 00
...B.
op tag 0x42, time 1282112561
ber_get_next
ldap_read: want=8, got=0

ber_get_next on fd 4 failed errno=0 (unknown WSA error)
connection_read(4): input error=-2 id=1001, closing.
connection_closing: readying conn=1001 sd=4 for close
daemon: activity on 1 descriptor
connection_close: deferring conn=1001 sd=4
daemon: waked
daemon: WSselect: listen=2 active_threads=0 tvp=zero
conn=1001 op=2 do_unbind
daemon: WSselect: listen=3 active_threads=0 tvp=zero
connection_resched: attempting closing conn=1001 sd=4
connection_close: conn=1001 sd=4
daemon: removing 4

"""
gtalk:freeespe...@gmail.com <gtalk%3afreeespe...@gmail.com>


On Mon, Aug 16, 2010 at 10:54 PM, Marc Patermann <
hans.mo...@ofd-z.niedersachsen.de> wrote:

>  Off list:
>
> owen nirvana schrieb am 16.08.2010 16:08 Uhr:
> > However, the method of different search for different node is not
> effective.
> >
> > In my configuration of parent CA,
> > ''"
> > syncrepl rid=001
> >          ...
> >          searchbase = "dc=sonCA,dc=parentCA,dc=rootCA"
> >          ...
> > """
> Did you try my first glue with multiple databases?
>
> > I believe the reason is the two nodes have not the same DIT.
> What did you mean by that?
> your tree from dc=sonCA,dc=parenCA,dc=rootCA will be replicated beyond
> dc=parenCA,dc=rootCA if you configure it in the right way.
>
> > Maybe syncrepl could not support it.
> You better try one of the approaches und post the consumer and provider
> config and replication logs to the list (and maybe some data)
>
> Marc
>

Re: replication from child to Parent domain

Reply via email to