On Wed, May 21, 2014 at 9:18 PM, Greg Barber <[email protected]> wrote:
> I've gone back and changed the consumer log level from FATAL to DEBUG in > the log4j.properties and ran the test again. Here is what was logged on > the slave server: > > [10:24:54] DEBUG [org.apache.directory.server.CONSUMER_LOG] - Response > from totaraldap1.aetn.org:389 : MessageType : SEARCH_RESULT_ENTRY > Message ID : 2 > Search Result Entry > Entry > dn[n]: cn=Test3,ou=Students,dc=test,dc=org > objectClass: person > objectClass: top > accessControlSubentries: > > 2.5.4.3=studentpermsissionsaci,0.9.2342.19200300.100.1.25=test,0.9.2342.19200300.100.1.25=org > accessControlSubentries: > > 2.5.4.3=testauthorizationrequirementsacisubentry,0.9.2342.19200300.100.1.25=test,0.9.2342.19200300.100.1.25=org > > cn: Test3 > sn: Three > entryParentId: db01d8bf-34ee-4a53-8d84-8b81dfde763e > entryDN: cn=Test3,ou=Students,dc=test,dc=org > entryUUID: 3f637825-cb0b-4e2f-ba2b-4c5e0c6495ac > creatorsName: 0.9.2342.19200300.100.1.1=admin,2.5.4.11=system > createTimestamp: 20140521140519.331Z > entryCSN: 20140521152309.880000Z#000000#001#000000 > modifyTimestamp: 20140521152309.879Z > modifiersName: 0.9.2342.19200300.100.1.1=admin,2.5.4.11=system > SyncStateValue control : > oid : 1.3.6.1.4.1.4203.1.9.1.2 > critical : false > syncStateType : 'MODIFY' > entryUUID : '0x3F 0x63 0x78 0x25 0xCB 0x0B 0x4E 0x2F 0xBA > 0x2B 0x4C 0x5E 0x0C 0x64 0x95 0xAC ' > cookie : '' > > [10:24:54] DEBUG [org.apache.directory.server.CONSUMER_LOG] - > ------------- starting handleSearchResult ------------ > [10:24:54] DEBUG [org.apache.directory.server.CONSUMER_LOG] - state name > MODIFY > [10:24:54] DEBUG [org.apache.directory.server.CONSUMER_LOG] - entryUUID = > 3f637825-cb0b-4e2f-ba2b-4c5e0c6495ac > [10:24:54] DEBUG [org.apache.directory.server.CONSUMER_LOG] - modifying > entry with dn cn=Test3,ou=Students,dc=test,dc=org > [10:24:54] ERROR [org.apache.directory.server.CONSUMER_LOG] - ERR_52 > Cannot modify the attribute : attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.11 > NAME 'accessControlSubentries' > DESC 'Used to track a subentry associated with access control > areas' > EQUALITY distinguishedNameMatch > SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 > NO-USER-MODIFICATION > USAGE directoryOperation > ) > org.apache.directory.api.ldap.model.exception.LdapNoPermissionException: > ah, this was already fixed in trunk, see https://issues.apache.org/jira/browse/DIRSERVER-1971 it will be available in version 2.0.0-M17 you can also build the trunk if you want to test > ERR_52 Cannot modify the attribute : attributetype ( > 1.3.6.1.4.1.18060.0.4.1.2.11 NAME 'accessControlSubentries' > DESC 'Used to track a subentry associated with access control > areas' > EQUALITY distinguishedNameMatch > SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 > NO-USER-MODIFICATION > USAGE directoryOperation > ) > at > > org.apache.directory.server.core.schema.SchemaInterceptor.checkModifyEntry(SchemaInterceptor.java:721) > at > > org.apache.directory.server.core.schema.SchemaInterceptor.modify(SchemaInterceptor.java:1186) > at > > org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:587) > at > > org.apache.directory.server.core.hash.PasswordHashingInterceptor.modify(PasswordHashingInterceptor.java:131) > at > > org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:587) > at > > org.apache.directory.server.core.exception.ExceptionInterceptor.modify(ExceptionInterceptor.java:253) > at > > org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:587) > at > > org.apache.directory.server.core.admin.AdministrativePointInterceptor.modify(AdministrativePointInterceptor.java:1456) > at > > org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:587) > at > > org.apache.directory.server.core.authz.DefaultAuthorizationInterceptor.modify(DefaultAuthorizationInterceptor.java:277) > at > > org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:587) > at > > org.apache.directory.server.core.authz.AciAuthorizationInterceptor.modify(AciAuthorizationInterceptor.java:820) > at > > org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:587) > at > > org.apache.directory.server.core.referral.ReferralInterceptor.modify(ReferralInterceptor.java:319) > at > > org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:587) > at > > org.apache.directory.server.core.authn.AuthenticationInterceptor.modify(AuthenticationInterceptor.java:834) > at > > org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:587) > at > > org.apache.directory.server.core.normalization.NormalizationInterceptor.modify(NormalizationInterceptor.java:216) > at > > org.apache.directory.server.core.DefaultOperationManager.modify(DefaultOperationManager.java:883) > at > > org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.modify(ReplicationConsumerImpl.java:1215) > at > > org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.handleSearchResultEntry(ReplicationConsumerImpl.java:416) > at > > org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.doSyncSearch(ReplicationConsumerImpl.java:778) > at > > org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.startSync(ReplicationConsumerImpl.java:565) > at > org.apache.directory.server.ldap.LdapServer$2.run(LdapServer.java:739) > at java.lang.Thread.run(Thread.java:744) > [10:24:54] DEBUG [org.apache.directory.server.CONSUMER_LOG] - > ------------- Ending handleSearchResult ------------ > [10:24:54] DEBUG > [org.apache.directory.ldap.client.api.LdapNetworkConnection] - -------> > MessageType : INTERMEDIATE_RESPONSE > Message ID : 2 > Intermediate Response > Response name :'1.3.6.1.4.1.4203.1.9.1.4' > ResponseValue :'0x80 0x34 0x72 0x69 0x64 0x3D 0x30 0x30 0x31 0x2C > 0x63 0x73 0x6E 0x3D 0x32 0x30 0x31 0x34 0x30 0x35 0x32 0x31 0x31 0x35 0x32 > 0x33 0x30 0x39 0x2E 0x38 0x38 0x30 0x30 0x30 0x30 0x5A 0x23 0x30 0x30 0x30 > 0x30 0x30 0x30 0x23 0x30 0x30 0x31 0x23 0x30 0x30 0x30 0x30 0x30 0x30 ' > > > I guess there is an issue with the access control settings? > > [email protected] on Wednesday, May 21, 2014 at 8:15 AM -0500 > wrote: > >As a test I changed the password for a user on the master server and > >tailed the logs on both. I didn't see anything on the master server this > >is what I saw on the slave: > > > >[07:50:02] DEBUG > >[org.apache.directory.ldap.client.api.LdapNetworkConnection] - Sending > >request > >MessageType : SEARCH_REQUEST > >Message ID : 10889 > > SearchRequest > > baseDn : 'dc=test,dc=org' > > filter : '(objectClass=*)' > > scope : base object > > typesOnly : false > > Size Limit : no limit > > Time Limit : no limit > > Deref Aliases : deref Always > > attributes : '1.1' > >org.apache.directory.api.ldap.model.message.SearchRequestImpl@1716d836 > >[07:50:02] DEBUG > >[org.apache.directory.ldap.client.api.LdapNetworkConnection] - Adding > ><10889, org.apache.directory.ldap.client.api.future.SearchFuture> > >[07:50:02] DEBUG > >[org.apache.directory.ldap.client.api.LdapNetworkConnection] - -------> > >MessageType : SEARCH_RESULT_ENTRY > >Message ID : 10889 > > Search Result Entry > >Entry > > dn: dc=test,dc=org > > > > Message received <------- > >[07:50:02] DEBUG > >[org.apache.directory.ldap.client.api.LdapNetworkConnection] - Getting > ><10889, org.apache.directory.ldap.client.api.future.SearchFuture> > >[07:50:02] DEBUG > >[org.apache.directory.ldap.client.api.LdapNetworkConnection] - Search > >entry found : MessageType : SEARCH_RESULT_ENTRY > >Message ID : 10889 > > Search Result Entry > >Entry > > dn[n]: dc=test,dc=org > > > > > >[07:50:02] DEBUG > >[org.apache.directory.ldap.client.api.LdapNetworkConnection] - -------> > >MessageType : SEARCH_RESULT_DONE > >Message ID : 10889 > > Search Result Done > > Ldap Result > > Result code : (SUCCESS) success > > Matched Dn : '' > > Diagnostic message : '' > > Message received <------- > >[07:50:02] DEBUG > >[org.apache.directory.ldap.client.api.LdapNetworkConnection] - Getting > ><10889, org.apache.directory.ldap.client.api.future.SearchFuture> > >[07:50:02] DEBUG > >[org.apache.directory.ldap.client.api.LdapNetworkConnection] - Search > >successful : MessageType : SEARCH_RESULT_DONE > >Message ID : 10889 > > Search Result Done > > Ldap Result > > Result code : (SUCCESS) success > > Matched Dn : '' > > Diagnostic message : '' > > > >[07:50:02] DEBUG > >[org.apache.directory.ldap.client.api.LdapNetworkConnection] - Removing > ><10889, org.apache.directory.ldap.client.api.future.SearchFuture> > >[07:50:07] DEBUG > >[org.apache.directory.ldap.client.api.LdapNetworkConnection] - Sending > >request > > > >[email protected] on Tuesday, May 20, 2014 at 9:14 PM -0500 > >wrote: > >>any error(s) in the logs? > >> > >> > >>On Wed, May 21, 2014 at 4:01 AM, Greg Barber <[email protected]> wrote: > >> > >>> I'm pretty new to LDAP/apacheds replication. I'm running 2.0.0-M16 on > >>two > >>> separate servers trying to get replication working from the master to > >>the > >>> slave, I would like to get multimaster replication in place but right > >>now > >>> I'm taking it one step at a time. I've set up a partition on the > >>master > >>> and have added entries and created a ou with two test user in it so far > >>so > >>> good. I then used directory studio created the same partition on the > >>> slave but didn't populate it. I also created a replication consumer > >with > >>> the new partition as the base dn on the slave by editing the > >>configuration > >>> file. I restarted the slave and it pulled everything thing over from > >the > >>> master great so far so good. Where I'm having an issue is if I change > >>an > >>> attribute for a user like their password it is not being replicated > >over > >>> to the slave. I'm stumped why this is not getting replicated across. > >>> > >>> > >> > >> > >>-- > >>Kiran Ayyagari > >>http://keydap.com > > > > > > > -- Kiran Ayyagari http://keydap.com
