
I'm looking for some help with an ApacheDS Multi Master solution. I'm new to setting up LDAP solutions and so it's quite possible that I'm making some pretty basic errors.

I have two CentOS VMs running - LDAP1 and LDAP2. Each VM has a running ApacheDS solution. LDAP1 is running ApacheDS on port 10389 and LDAP2 is running ApacheDS on port 10399.

I can connect to both servers using Apache Directory Studio with no problems and can see the default structures listed.

I have then imported the SevenSeas structure into LDAP1, and enabled DEBUG for both LDAP1 and LDAP2 for replication by uncommenting the lines in /instances/default/conf/log4j.properties

log4j.logger.org.apache.directory.server.PROVIDER_LOG=DEBUG
log4j.logger.org.apache.directory.server.CONSUMER_LOG=DEBUG

I then attempt to create the MultiMaster config following this guide: http://joacim.breiler.com/apacheds/ch08s02.html

1) I enable the replication handler on LDAP1 by importing the following LDIF

dn: ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config 
changetype: modify 
add: ads-replReqHandler 
ads-replReqHandler: org.apache.directory.server.ldap.replication.provider.SyncReplRequestHandler

2) I then enable the replication handler on LDAP2 by importing the same LDIF as above

3) I then restart both LDAP1 and LDAP2 ApacheDS servers.

4) Once the server restarts I check the apacheDS.log and see the following entries (on both LDAP1 and LDAP2)

[08:41:28] DEBUG [org.apache.directory.server.PROVIDER_LOG] - initializing the syncrepl provider
[08:41:28] DEBUG [org.apache.directory.server.PROVIDER_LOG] - Starting the replication consumer manager
[08:41:28] DEBUG [org.apache.directory.server.PROVIDER_LOG] - no replica logs found to initialize
[08:41:28] DEBUG [org.apache.directory.server.PROVIDER_LOG] - syncrepl provider initialized successfully

5) I then import the following LDIF on LDAP2 (No Errors are generated)

dn: ads-replConsumerId=1,ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config 
objectClass: ads-base 
objectClass: ads-replConsumer 
objectClass: top 
ads-replAliasDerefMode: never 
ads-replAttributes: * 
ads-replConsumerId: 1 
ads-replProvHostName: ldap1
ads-replProvPort: 10389 
ads-replRefreshInterval: 60000 
ads-replRefreshNPersist: true 
ads-replSearchFilter: (objectClass=*) 
ads-replSearchScope: sub 
ads-replSearchSizeLimit: 0 
ads-replSearchTimeOut: 0 
ads-replUserDn: uid=admin,ou=system 
ads-replUserPassword:: c2VjcmV0 
ads-searchBaseDN: o=SevenSeas

6) I then import the following LDIF on LDAP1

dn: ads-replConsumerId=2,ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config 
objectClass: ads-base 
objectClass: ads-replConsumer 
objectClass: top 
ads-replAliasDerefMode: never 
ads-replAttributes: * 
ads-replConsumerId: 2 
ads-replProvHostName: ldap2
ads-replProvPort: 10399 
ads-replRefreshInterval: 60000 
ads-replRefreshNPersist: true 
ads-replSearchFilter: (objectClass=*) 
ads-replSearchScope: sub 
ads-replSearchSizeLimit: 0 
ads-replSearchTimeOut: 0 
ads-replUserDn: uid=admin,ou=system 
ads-replUserPassword:: c2VjcmV0 
ads-searchBaseDN: o=SevenSeas

7) I then attempt to restart LDAP1 and LDAP2 apacheDS servers and hit the following error on both servers. (Reported in ApacheDS.log)

[08:52:42] ERROR [org.apache.directory.server.config.ConfigPartitionReader] - An error occured while reading the configuration DN 'ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config' for the objectClass 'ads-replConsumer':
ERR_04274 Can't find an OID for the name ads-base
[08:52:42] ERROR [org.apache.directory.server.UberjarMain] - Failed to start the service.
org.apache.directory.server.config.ConfigurationException: An error occured while reading the configuration DN 'ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config' for the objectClass 'ads-replConsumer':
ERR_04274 Can't find an OID for the name ads-base
        at org.apache.directory.server.config.ConfigPartitionReader.read(ConfigPartitionReader.java:641)
        at org.apache.directory.server.config.ConfigPartitionReader.read(ConfigPartitionReader.java:600)
        at org.apache.directory.server.config.ConfigPartitionReader.read(ConfigPartitionReader.java:600)
        at org.apache.directory.server.config.ConfigPartitionReader.readConfig(ConfigPartitionReader.java:754)
        at org.apache.directory.server.config.ConfigPartitionReader.readConfig(ConfigPartitionReader.java:718)
        at org.apache.directory.server.config.ConfigPartitionReader.readConfig(ConfigPartitionReader.java:690)
        at org.apache.directory.server.ApacheDsService.start(ApacheDsService.java:177)
        at org.apache.directory.server.UberjarMain.start(UberjarMain.java:76)
        at org.apache.directory.server.UberjarMain.main(UberjarMain.java:54)

8) I then reverted the config to before the import to allow me to restart the servers

9) If I remove the following line from the LDIF used in point 5 / 6, I'm then able to start the servers.

objectClass: ads-base  

10) The debug (on both LDAP1 and LDAP2) reflects that the replication is working

[09:02:31] DEBUG [org.apache.directory.server.PROVIDER_LOG] - initializing the syncrepl provider
[09:02:31] DEBUG [org.apache.directory.server.PROVIDER_LOG] - Starting the replication consumer manager
[09:02:31] DEBUG [org.apache.directory.server.PROVIDER_LOG] - no replica logs found to initialize
[09:02:31] DEBUG [org.apache.directory.server.PROVIDER_LOG] - syncrepl provider initialized successfully

11) I then log in to LDAP2 and do not see the partition o=SevenSeas, which to me says the replication hasn't worked? Have I missed a stage?

UPDATE: I've been able to make some more progress on this. Whilst using the Apache Directory Studio tool, I stumbled on the Server configuration tabs (right click on the LDAP connection). Amongst the tabs is a Replication tab. This allows you to add consumers. On LDAP1 I added a consumer to point to LDAP2 and on LDAP2 I added a consumer to point to LDAP1, where the BASEDN was ou=system. The consumer ID appears to need to match the IDs given in point 5 / 6.

I then restarted both the LDAP servers.

When the servers restarted I could see that they were talking to each other (via the debug). I made an edit to the ou=system partition on LDAP1 and this was replicated to LDAP2. I then made an edit to the ou=system partition on LDAP2 and this was replicated to LDAP1.

My issue is now that I cannot replicate other partitions - no matter what the BASE DN is in the consumer config.

dazednconfused
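An added example, not part of the original post and not ApacheDS code: a small Python pre-import check for a consumer entry like the ones in steps 5 and 6. It decodes `::` values (base64 is an encoding, so `c2VjcmV0` is readable by anyone who can read the LDIF or the config partition), flags plain values that end in whitespace, and compares the consumer ID with the RDN; the function names and the shortened sample entry are constructed for illustration.

```python
import base64

# Constructed sample: a shortened copy of the step 5 consumer entry.
# One objectClass line deliberately keeps a trailing space.
SAMPLE = "\n".join([
    "dn: ads-replConsumerId=1,ou=replConsumers,ads-serverId=ldapServer,"
    "ou=servers,ads-directoryServiceId=default,ou=config",
    "objectClass: ads-base ",
    "objectClass: ads-replConsumer",
    "ads-replConsumerId: 1",
    "ads-replProvHostName: ldap1",
    "ads-replProvPort: 10389",
    "ads-replUserDn: uid=admin,ou=system",
    "ads-replUserPassword:: c2VjcmV0",
    "ads-searchBaseDN: o=SevenSeas",
])

def parse_entry(text):
    """Return [(attr, value, was_base64)] for one LDIF entry (RFC 2849)."""
    logical = []
    for raw in text.splitlines():
        if raw.startswith(" ") and logical:
            logical[-1] += raw[1:]          # unfold a continuation line
        elif raw and not raw.startswith("#"):
            logical.append(raw)
    entry = []
    for line in logical:
        attr, _, rest = line.partition(":")
        if rest.startswith(":"):            # "attr:: <base64>" is encoding only
            value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
            entry.append((attr, value, True))
        else:
            entry.append((attr, rest.lstrip(" "), False))
    return entry

def lint_consumer(text, known_defaults=("secret",)):
    """List findings worth resolving before the entry is imported."""
    findings, attrs = [], {}
    for attr, value, was_b64 in parse_entry(text):
        if not was_b64 and value != value.rstrip():
            findings.append(f"{attr}: plain value ends with whitespace")
        attrs.setdefault(attr.lower(), []).append(value.strip())
    # Naive RDN split: assumes no escaped commas in the first RDN.
    rdn_attr, _, rdn_val = attrs["dn"][0].split(",")[0].partition("=")
    if rdn_val not in attrs.get(rdn_attr.lower(), []):
        findings.append(f"{rdn_attr}: attribute does not match RDN value {rdn_val}")
    if any(p in known_defaults for p in attrs.get("ads-repluserpassword", [])):
        findings.append("ads-replUserPassword: decodes to a well-known default")
    if "uid=admin,ou=system" in attrs.get("ads-repluserdn", []):
        findings.append("ads-replUserDn: consumer binds as the administrator")
    return findings
```

Each finding points at something to settle before a restart: a dedicated replication account with its own password in place of `uid=admin,ou=system`, and values free of stray whitespace.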

1 Answer


I guess we started working on the same issue at the same time today. The replication to a custom partition seems to work when you set the cache to 1000 for the partition.

Irmin Okic
  • Hmmm nope tried that and it's still not replicating anything other than ou=system. – dazednconfused Oct 27 '14 at 09:32
  • Is this a cache config issue in Apache? Is this issue fixed in the latest release, or is there a ticket to track this issue? – Sohan May 05 '15 at 05:44
  • I don't really remember if I found a ticket concerning this issue. Everything is working fine with the cache set to 1000, so I haven't had a reason to look into it further. – Irmin Okic May 11 '15 at 10:25