Re: [389-users] Changelog Modification

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks Rich.  So to modify an existing replication agreement and add some attribute exclusions, could I do something like the following:

create the .ldif below and add it each supplier agreement using ldapmodify?

dn: cn="Replication to p-ldap-isvr02.example.com",cn=replica,cn="dc=example,dc=com",cn=mapping tree,cn=config
changetype: modify
replace: nsds5replicatedattributelist
nsds5replicatedattributelist: (objectclass=*) $ EXCLUDE accountunlocktime passwordretrycount retrycountresettime memberof

Would each consumer need to be re-initialized after making a change like this?

Thanks,
Stephen


On Thu, Mar 10, 2011 at 8:04 AM, Rich Megginson <rmeggins@xxxxxxxxxx> wrote:
On 03/09/2011 10:34 PM, Stephen Agar wrote:
In my previous reading it seemed like fractional replication wasn't possible in a multi-master environment.  Statements like this from the administrators guide: "Fractional replication can only be done where the consumer is a read-only replica" are what i'm referring to.  Am I misunderstanding what fractional replication is?
It is now supported in most cases.  Please direct me to statements like the above in our docs and I will fix them.


Thanks

On Wed, Mar 9, 2011 at 11:18 AM, Rich Megginson <rmeggins@xxxxxxxxxx> wrote:
On 03/09/2011 10:11 AM, Stephen Agar wrote:
I've seen multiple different types of changes in there flagged as this issue. 
- Some was a custom "directory string" attribute, being change from value notActivated to activated
I suppose this might be a problem if the schema were somehow different between the two servers, which could happen if you added the schema via a file and not via LDAP.

- Some password account lockout attributes, resettime, etc.
See http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-single/Administration_Guide/index.html#Managing_Replication-Replicating-Password-Attributes

- Most are modifications to the "memberof" attribute, which is set by the member plugin
memberof should not be replicated - see http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-single/Administration_Guide/index.html#groups-cmd-memberof
there is an Important Note on that page about replicating memberof
- Some are password changes
I suppose this could be possible if the password policy is different on the supplier and the consumer


In all cases that i've checked, the data seems to be correct and consistent across all 4 nodes.

Thanks for any insight.

--stephen


On Tue, Mar 8, 2011 at 3:21 PM, Rich Megginson <rmeggins@xxxxxxxxxx> wrote:
On 03/08/2011 11:17 AM, Stephen Agar wrote:
I have a 4 server multi master replication setup going on.  We get a lot of errors like this:

 NSMMReplicationPlugin - agmt="cn="Replication to server"" (server:636): Consumer failed to replay change (uniqueid 2365a885-b85511df-ad54b6ca-51ecbecb, CSN 4d6ceae5000700010000): DSA is unwilling to perform. Will retry later.

I've used cl-dump on all four nodes to dump the logs and track these down.  However, all of the "offending" changes that say they weren't made do indeed seem to be applied on all 4 nodes.
What are these changes?  What operations, attributes, values, etc.
Is there a command I can use to remove specific entries from the changelog?  In the past, i've just re-initialized nodes to get rid of these, but that's certainly not the preferred way to do this.

Thanks,
Stephen
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users






--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users

[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux