Hi, Tim. I didn't have time to peruse this (still under a nasty
deadline) but I was looking for one thing I didn't see in your post.
I'm pulling this from memory so please double check it but did you
enable the presence attribute (?) for indexing on all the items listed i
the referential integrity plugin?
By the way, if I might mention it, would you kindly post to the bottom
of future threads. Top posting makes it very difficult for newcomers to
the list to follow. Thanks - John
On Tue, 2009-02-03 at 12:24 -0500, Tim Hartmann wrote:
Well then! Let me give you my experiences so far....
So I attempted to add "memberuid" to the plugin on the master I wanted
to use it on... and that went fine. restarted the server, I added index
on all my servers for the memberuid attribute, ( I thought I might be
able to get away with indexing on just the master that was going to run
the Referential Integrity plugin, but I figured I'd keep my
configuration as consistent as possible accross both master +
replicas). I then enabled the plug in on the console, and then ran
"/etc/init.d/dirsrv restart" So far, i felt like I was pretty much just
follow word for work the instructions in the manual.
For my testing, I have:
All three server diffrent clients, though some user name overlap, and a
change in one, shouldn't necessarily be reflected in it's neighbor.
For testing I have a user I want to delete in dept
and he's a member of a Posix style group in depts as (under the base
ou=Group,dc=dept,dc=school,dc=edu_ and the same username (User) is a
member of a similar group under ou=Group,dc=school,dc=edu, I added him
there to see if the plug in would traverse directories or not.
The things I noticed after I restarted and delete the user were this:
First, once I deleted the user, my redhat-idm-console interface went a
little wonky, only rendering part of the screen until I did a "refresh
all " from the view menu , It also spit out to STDOUT the following
java errors, which it's never done before:
Exception in thread "AWT-EventQueue-0" java.lang.NullPointerException
Next, I noticed that /var/log/dirsrv/slapd-instance/referint
Log file did not get created, so I created an empty file, restarted the
directory, deleted all the data out of "dept" re added it all with an
ldapmodify from a backup ldif i have for testing, and then once again
tried to delete "user"
"User" deleted ok, I saw the same behavior from the GUI interface, and
when I checked the groups that contained user, he hadn't been removed.
Nor had any content been added to the
So at the moment, it looks like Referential Integrity isn't working at
all for me.... and i'm a little worried about the Java error, and more
sluggish behavior that my GUI Console is exiting..
Additionally, I didn't see anything in access or error logs, that might
indicate whats going on..
John A. Sullivan III wrote:
> Sorry I can't be more help but I am listening! We use referential
> integrity but have not yet implemented it in multi-master mode nor have
> we really stressed and tested it - John
Fedora-directory-users mailing list
John A. Sullivan III
Open Source Development Corporation