LDAP replication problem

[breverend]

Hello all,

I got trouble to make ldap replication work on my system.

I got a master ZCS server running v 5.0.13 hosted outside of my LAN (server.mydomain.com). It works as intented, with more than 40 emails account daily used.

I'd like to set up only LDAP replication on a slave server inside my lan (slave.mylan.mydomain.com).
I used this howto :

Configuring LDAP Replication

When I test it, I got this :

# /opt/zimbra/bin/zmprov -l gaa
wiki@mydomain.com
spam.0mmaekfx@mydomain.com
ham.4nb79bvp@mydomain.com

# /opt/zimbra/bin/zmprov -l gad
mydomain.com

I don't see accounts that are visible my doing the same command on my Master Server.

I saw the older howto (for ZCS 4.0) and I tried :

./zmsshkeygen
Generating public/private dsa key pair.
Your identification has been saved in /opt/zimbra/.ssh/zimbra_identity.
Your public key has been saved in /opt/zimbra/.ssh/zimbra_identity.pub.
The key fingerprint is:
XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
slave.mylan.mydomain.com
ERROR: account.NO_SUCH_SERVER (no such server: slave.mylan.mydomain.com)

Do you know how to fix this error please ?

Regards.

[veronica]

what does zimbra.log says ? Is your firewall blocking traffic on secure ldap 636 or 389 ? You must be getting errors in zimbra.log then ? did you check slapd.conf file for replication settings ?

[breverend]

Master ldap is accessible :

# telnet server.mydomain.com 389
Trying 99.99.99.99...
Connected to server.mydomain.com.
Escape character is '^]'.

On zimbra.log I got :

Jun 12 16:01:39 slave slapd[6797]: syncrepl_entry: rid 100 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD)
Jun 12 16:01:39 slave slapd[6797]: syncrepl_entry: rid 100 be_search (0)
Jun 12 16:01:39 slave slapd[6797]: syncrepl_entry: rid 100 ou=machines,dc=mydomain,dc=com
Jun 12 16:01:39 slave slapd[6797]: syncrepl_message_to_entry: rid 100 mods check (sambaDomainName: attribute type undefined)
Jun 12 16:01:39 slave slapd[6797]: do_syncrepl: rid 100 retrying
Jun 12 16:02:03 slave zimbramon[17378]: 17378:info: 2009-06-12 16:02:01, STATUS: : Unable: to determine enabled services. Cache is out of date or doesn't
exist.

I checked the slapd.conf on master (seems good as i got the lines mentionned).

on slave I got the lines :

updateref ldap://server.mydomain.com:389
overlay syncprov

thanks for your answer.

edit : I checked the install log.
Fri Jun 12 12:50:36 2009 *** Running as zimbra user: /opt/zimbra/bin/zmsshkeygen
Generating public/private dsa key pair.
Your identification has been saved in /opt/zimbra/.ssh/zimbra_identity.
Your public key has been saved in /opt/zimbra/.ssh/zimbra_identity.pub.
The key fingerprint is:
XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX slave.mylan.mydomain.com
ERROR: account.NO_SUCH_SERVER (no such server: slave.mylan.mydomain.com)

It looks like my main issue is that error.

[breverend]

Anyone knows about that?

[quanah]

It looks like your replica does not load the same schema files as your master, thus replication will never occur to it. Fix what schema are allowed.

Quote:

Jun 12 16:01:39 slave slapd[6797]: syncrepl_message_to_entry: rid 100 mods check (sambaDomainName: attribute type undefined)

You can clearly see the samba schema is in place on your master.

[breverend]

Master is working perfectly, as it is our prod server.
Do you have a documentation to "Fix what schema are allowed" please ?

Thanks for your answer.

[breverend]

Ok, I just copied the zimbra/openldap/etc/openldap/schema/zimbra.schema from my master to my slave.

Schema should be the same. But I still get same errors as above, plus these :

Jun 22 12:06:59 slave zimbramon[28174]: 28174:info: zmmtaconfig: Skipping Configuration for server slave.mylan.mydomain.com update.
Jun 22 12:06:59 slave zimbramon[28174]: 28174:info: zmmtaconfig: gs:slave.mylan.mydomain.com ERROR: account.NO_SUCH_SERVER (no such server: slave.mylan.mydomain.com)
Jun 22 12:06:59 slave zimbramon[28174]: 28174:info: zmmtaconfig: Sleeping...Key lookup failed.

Still that NO_SUCH_SERVER error...

Anyone konw why I get that ?

[quanah]

Looks like the server was never created. You need to run zmprov and create the server in your master's db. This is a known issue that will be resolved in 6.0.

[breverend]

On master :

zimbra@master:~$ zmprov gas
master.mydomain.com
slave.mylan.mydomain.com

Looks like server was already in master's db.

[breverend]

Anyone knows how to fix NO_SUCH_SERVER error ?