Hi LIst, I'm new to 389-ds admin , I have cfg a multimaster replication system , and read the RHES -DS documentation find the replicate_now script which is suppose to trigger master rep updates < 10 min, the script fails , there is no option for -1 in ldapsearch ...etc Wodner if any of you have an update script , I 'm running 389-ds on CentoS 6.5 .
Thank you Isabella
On 11/12/2014 10:54 AM, ghiureai wrote:
Hi LIst, I'm new to 389-ds admin , I have cfg a multimaster replication system , and read the RHES -DS documentation find the replicate_now script which is suppose to trigger master rep updates < 10 min, the script fails , there is no option for -1 in ldapsearch ...etc
Can you provide a link to the RHDS documentation?
Wodner if any of you have an update script , I 'm running 389-ds on CentoS 6.5 .
Thank you Isabella
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
*
Hi Rich,
here is the RHES doc :
**Forcing Replication Updates from the Command Line* From the consumer that requires updating, run a script that prompts the supplier to send replication updates immediately. This script is shown in _Example 11.5, "replicate_now Script Example"_ <Managing_Replication-Forcing_Replication_Updates.html>. Copy this example script and name it something like replicate_now.sh. Substitute the actual values for the variables listed in _Example 11.5, "replicate_now Script Example"_ <Managing_Replication-Forcing_Replication_Updates.html>. *NOTE* This script must be run manually since it cannot be configured to run automatically as soon as the server, which was offline, comes back online again. *Example 11.5. replicate_now Script Example* #!/bin/sh SUP_HOST=supplier_hostname SUP_PORT=supplier_portnumber SUP_MGRDN=supplier_directoryManager SUP_MGRPW=supplier_directoryManager_password MY_HOST=consumer_hostname MY_PORT=consumer_portnumber ldapsearch -x -1 -T -h ${SUP_HOST} -p ${SUP_PORT} -D "${SUP_MGRDN}" \ -w ${SUP_MGRPW} -b "cn=mapping tree,cn=config" "(&(objectclass=nsds5replicationagreement)(nsDS5ReplicaHost=${MY_HOST}) (nsDS5ReplicaPort=${MY_PORT}))" dn nsds5ReplicaUpdateSchedule > /tmp/$$ cat /tmp/$$ |awk 'BEGIN { s = 0 }/^dn: / { print $0;print "changetype: modify";print "replace: nsds5ReplicaUpdateSchedule";print "nsds5ReplicaUpdateSchedule: 0000-2359 0123456";print "-";print "";print $0;print "changetype: modify"; print "replace:nsds5ReplicaUpdateSchedule";} /^nsds5ReplicaUpdateSchedule: / { s = 1; print $0; }/^$/{if ( $s == 1 ){ print "-" ; print ""; }else{ print "nsds5ReplicaUpdateSchedule: 0000-2359 0123456";print "-" ; print ""; };s = 0; } ' > /tmp/ldif.$$echo "Ldif is in /tmp/ldif.$$"echo ldapmodify -x -c -h ${SUP_HOST} -p ${SUP_PORT} -D "${SUP_MGRDN}" -w ${SUP_MGRPW} -f /tmp/ldif.$$
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst, I'm new to 389-ds admin , I have cfg a multimaster replication system , and read the RHES -DS documentation find the replicate_now script which is suppose to trigger master rep updates < 10 min, the script fails , there is no option for -1 in ldapsearch ...etc Wodner if any of you have an update script , I 'm running 389-ds on CentoS 6.5 .
Thank you Isabella
On 11/12/2014 11:51 AM, ghiureai wrote:
Hi Rich,
here is the RHES doc :
Forcing Replication Updates from the Command Line* From the consumer that requires updating, run a script that prompts the supplier to send replication updates immediately. This script is shown in _Example 11.5, “replicate_now Script Example”_ <Managing_Replication-Forcing_Replication_Updates.html>. Copy this example script and name it something like replicate_now.sh. Substitute the actual values for the variables listed in _Example 11.5, “replicate_now Script Example”_ <Managing_Replication-Forcing_Replication_Updates.html>.
I would really appreciate a link to the doc so I can file a doc bug and get this fixed.
*NOTE* This script must be run manually since it cannot be configured to run automatically as soon as the server, which was offline, comes back online again. *Example 11.5. replicate_now Script Example* #!/bin/sh SUP_HOST=supplier_hostname SUP_PORT=supplier_portnumber SUP_MGRDN=supplier_directoryManager SUP_MGRPW=supplier_directoryManager_password MY_HOST=consumer_hostname MY_PORT=consumer_portnumber ldapsearch -x -1 -T -h ${SUP_HOST} -p ${SUP_PORT} -D "${SUP_MGRDN}" \ -w ${SUP_MGRPW} -b "cn=mapping tree,cn=config" "(&(objectclass=nsds5replicationagreement)(nsDS5ReplicaHost=${MY_HOST}) (nsDS5ReplicaPort=${MY_PORT}))" dn nsds5ReplicaUpdateSchedule > /tmp/$$
This is some awful mix of mozldap and openldap command line parameters.
Instead of "-1" use "-LLL"
Instead of "-T" use "-o ldif-wrap=no"
cat /tmp/$$ |awk 'BEGIN { s = 0 }/^dn: / { print $0;print "changetype: modify";print "replace: nsds5ReplicaUpdateSchedule";print "nsds5ReplicaUpdateSchedule: 0000-2359 0123456";print "-";print "";print $0;print "changetype: modify"; print "replace:nsds5ReplicaUpdateSchedule";} /^nsds5ReplicaUpdateSchedule: / { s = 1; print $0; }/^$/{if ( $s == 1 ){ print "-" ; print ""; }else{ print "nsds5ReplicaUpdateSchedule: 0000-2359 0123456";print "-" ; print ""; };s = 0; } ' > /tmp/ldif.$$echo "Ldif is in /tmp/ldif.$$"echo ldapmodify -x -c -h ${SUP_HOST} -p ${SUP_PORT} -D "${SUP_MGRDN}" -w ${SUP_MGRPW} -f /tmp/ldif.$$
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst, I'm new to 389-ds admin , I have cfg a multimaster replication system , and read the RHES -DS documentation find the replicate_now script which is suppose to trigger master rep updates < 10 min, the script fails , there is no option for -1 in ldapsearch ...etc Wodner if any of you have an update script , I 'm running 389-ds on CentoS 6.5 .
Thank you Isabella
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
ghiureai wrote:
Hi Rich,
here is the RHES doc :
Forcing Replication Updates from the Command Line* From the consumer that requires updating, run a script that prompts the supplier to send replication updates immediately. This script is shown in _Example 11.5, “replicate_now Script Example”_ <Managing_Replication-Forcing_Replication_Updates.html>. Copy this example script and name it something like replicate_now.sh. Substitute the actual values for the variables listed in _Example 11.5, “replicate_now Script Example”_ <Managing_Replication-Forcing_Replication_Updates.html>. *NOTE* This script must be run manually since it cannot be configured to run automatically as soon as the server, which was offline, comes back online again. *Example 11.5. replicate_now Script Example* #!/bin/sh SUP_HOST=supplier_hostname SUP_PORT=supplier_portnumber SUP_MGRDN=supplier_directoryManager SUP_MGRPW=supplier_directoryManager_password MY_HOST=consumer_hostname MY_PORT=consumer_portnumber
ldapsearch -x -1 -T -h ${SUP_HOST} -p ${SUP_PORT} -D "${SUP_MGRDN}" \ -w ${SUP_MGRPW} -b "cn=mapping tree,cn=config"
"(&(objectclass=nsds5replicationagreement)(nsDS5ReplicaHost=${MY_HOST}) (nsDS5ReplicaPort=${MY_PORT}))" dn nsds5ReplicaUpdateSchedule > /tmp/$$
cat /tmp/$$ |awk 'BEGIN { s = 0 }/^dn: / { print $0;print "changetype: modify";print "replace: nsds5ReplicaUpdateSchedule";print "nsds5ReplicaUpdateSchedule: 0000-2359 0123456";print "-";print "";print $0;print "changetype: modify"; print "replace:nsds5ReplicaUpdateSchedule";}
/^nsds5ReplicaUpdateSchedule: / { s = 1; print $0; }/^$/{if ( $s == 1 ){ print "-" ; print ""; }else{ print "nsds5ReplicaUpdateSchedule: 0000-2359 0123456";print "-" ; print ""; };s = 0; }
' > /tmp/ldif.$$echo "Ldif is in /tmp/ldif.$$"echo
ldapmodify -x -c -h ${SUP_HOST} -p ${SUP_PORT} -D "${SUP_MGRDN}" -w ${SUP_MGRPW} -f /tmp/ldif.$$
AIUI the basic idea of forcing replication like this is to modify the replication schedule, then setting it back to the original value (or deleting the one that was added).
I'm not entirely sure this script would work in all cases. I think this script will fail if there was no initial agreement schedule.
The basic idea, as I can grok it, is the first ldapsearch gets the current state of the agreements.
The awk part loops through the search results and creates an ldif that sets the agreement time for 0000-2359 0123456 then sets it back
Then the last ldapmodify applies the changes that awk calculated.
I tweaked the ldif that this created since my agreements don't have a nsds5ReplicaUpdateSchedule by default. This works for me:
dn: cn=meTosif.example.com,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config changetype: modify replace: nsds5ReplicaUpdateSchedule nsds5ReplicaUpdateSchedule: 0000-2359 0123456 -
dn: cn=meTosif.exaample.com,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config changetype: modify delete:nsds5ReplicaUpdateSchedule nsds5ReplicaUpdateSchedule: 0000-2359 0123456 -
After applying this I checked the full agreement and I see this which makes me believe it actually did something:
nsds5replicaLastUpdateStart: 20141113153408Z nsds5replicaLastUpdateEnd: 20141113153409Z
I did this in the context of a freeIPA install.
rob
Rich, here is the link from RHES doc , I would apreciate if you have a working script for CentOS 6.5
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/h...
11.15. Forcing Replication Updates
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst, I'm new to 389-ds admin , I have cfg a multimaster replication system , and read the RHES -DS documentation find the replicate_now script which is suppose to trigger master rep updates < 10 min, the script fails , there is no option for -1 in ldapsearch ...etc Wodner if any of you have an update script , I 'm running 389-ds on CentoS 6.5 .
Thank you Isabella
Rich, as per your advise I change the ldapsearch see below, still not working:
ldapsearch -x -LLL -o 'ldif-wrap=no' -h myhost.org.com -p 636 -D 'cn=directory manager' -w mypassw -b 'cn=mapping tree,cn=config' "(&(objectclass=nsds5replicationagreement)(nsDS5ReplicaHost=myhost1.org.com) (nsDS5ReplicaPort=636 dn nsds5ReplicaUpdateSchedule " Invalid general option name: ldif-wrap usage: ldapsearch [options] [filter [attributes...]] where: filter RFC 4515 compliant LDAP search filter attributes whitespace-separated list of attribute descriptions which may include: 1.1 no attributes * all user attributes + all operational attributes Search options:
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst, I'm new to 389-ds admin , I have cfg a multimaster replication system , and read the RHES -DS documentation find the replicate_now script which is suppose to trigger master rep updates < 10 min, the script fails , there is no option for -1 in ldapsearch ...etc Wodner if any of you have an update script , I 'm running 389-ds on CentoS 6.5 .
Thank you Isabella
On 11/12/2014 01:59 PM, ghiureai wrote:
Rich, as per your advise I change the ldapsearch see below, still not working:
ldapsearch -x -LLL -o 'ldif-wrap=no' -h myhost.org.com -p 636 -D 'cn=directory manager' -w mypassw -b 'cn=mapping tree,cn=config' "(&(objectclass=nsds5replicationagreement)(nsDS5ReplicaHost=myhost1.org.com) (nsDS5ReplicaPort=636 dn nsds5ReplicaUpdateSchedule " Invalid general option name: ldif-wrap
Ok. Omit the "-o ldif-wrap=no" because it is not supported on your platform.
Instead, pipe the output to perl: ldapsearch .... | perl -p0e 's/\n //g'
usage: ldapsearch [options] [filter [attributes...]] where: filter RFC 4515 compliant LDAP search filter attributes whitespace-separated list of attribute descriptions which may include: 1.1 no attributes * all user attributes + all operational attributes Search options:
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst, I'm new to 389-ds admin , I have cfg a multimaster replication system , and read the RHES -DS documentation find the replicate_now script which is suppose to trigger master rep updates < 10 min, the script fails , there is no option for -1 in ldapsearch ...etc Wodner if any of you have an update script , I 'm running 389-ds on CentoS 6.5 .
Thank you Isabella
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Rich, using -LLL and | perl options as you suggested just hangs, the script is not running no errors hangs on ldapsearch line, do I need to specify any extra variables for perl option? Is there anyone with a working script for this replication task ? Thank you Isabella
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst, I'm new to 389-ds admin , I have cfg a multimaster replication system , and read the RHES -DS documentation find the replicate_now script which is suppose to trigger master rep updates < 10 min, the script fails , there is no option for -1 in ldapsearch ...etc Wodner if any of you have an update script , I 'm running 389-ds on CentoS 6.5 .
Thank you Isabella
On 11/12/2014 04:18 PM, ghiureai wrote:
Rich, using -LLL and | perl options as you suggested just hangs, the script is not running no errors hangs on ldapsearch line, do I need to specify any extra variables for perl option?
Can you provide your entire command line?
Is there anyone with a working script for this replication task ?
Not that I know of.
Thank you Isabella
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst, I'm new to 389-ds admin , I have cfg a multimaster replication system , and read the RHES -DS documentation find the replicate_now script which is suppose to trigger master rep updates < 10 min, the script fails , there is no option for -1 in ldapsearch ...etc Wodner if any of you have an update script , I 'm running 389-ds on CentoS 6.5 .
Thank you Isabella
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Morning Rich,
Please, see my full script, I'm runing this script from host2 , in a multimaster replication env: host1 <---> host2 (How are the DS users sync data in multimaster if they will not use this scripts and not have access to admin console?) #!/bin/sh -x SUP_HOST=host1.org.com SUP_PORT=636 #SUP_MGRDN=cn=directory manager SUP_MGRPW=mypasswd MY_HOST=host2.org.com MY_PORT=636 export SUP_HOST SUP_PORT SUP_MGRDN SUP_MGRPW MY_HOST MY_PORT
ldapsearch -x -LLL -h ${SUP_HOST} -p ${SUP_PORT} -D "cn=directory manager" \ -w ${SUP_MGRPW} -b "cn=mapping tree,cn=config" "(&(objectclass=nsds5replicationagreement)(nsDS5ReplicaHost=${MY_HOST}) (nsDS5ReplicaPort=${MY_PORT}))" dn nsds5ReplicaUpdateSchedule |perl -p0e 's/\n //g' > /tmp/$$
cat /tmp/$$ |awk 'BEGIN { s = 0 }/^dn: / { print $0;print "changetype: modify";print "replace: nsds5ReplicaUpdateSchedule";print "nsds5ReplicaUpdateSchedule: 0000-2359 0123456";print "-";print "";print $0;print "changetype: modify"; print "replace:nsds5ReplicaUpdateSchedule";}
/^nsds5ReplicaUpdateSchedule: / { s = 1; print $0; }/^$/{if ( $s == 1 ){ print "-" ; print ""; }else{ print "nsds5ReplicaUpdateSchedule: 0000-2359 0123456";print "-" ; print ""; };s = 0; }
' > /tmp/ldif.$$echo "Ldif is in /tmp/ldif.$$"echo
ldapmodify -x -c -h ${SUP_HOST} -p ${SUP_PORT} -D "${SUP_MGRDN}" -w ${SUP_MGRPW} -f /tmp/ldif.$$
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst, I'm new to 389-ds admin , I have cfg a multimaster replication system , and read the RHES -DS documentation find the replicate_now script which is suppose to trigger master rep updates < 10 min, the script fails , there is no option for -1 in ldapsearch ...etc Wodner if any of you have an update script , I 'm running 389-ds on CentoS 6.5 .
Thank you Isabella
On 11/13/2014 08:36 AM, ghiureai wrote:
Morning Rich,
Please, see my full script, I'm runing this script from host2 , in a multimaster replication env: host1 <---> host2 (How are the DS users sync data in multimaster if they will not use this scripts and not have access to admin console?)
I'm not sure what you are asking here. I'm also not sure why you are trying to use the replicate_now script. Replication is supposed to "just work" - as soon as a change is received, it should be sent immediately to all of its replicas.
#!/bin/sh -x SUP_HOST=host1.org.com SUP_PORT=636 #SUP_MGRDN=cn=directory manager SUP_MGRPW=mypasswd MY_HOST=host2.org.com MY_PORT=636 export SUP_HOST SUP_PORT SUP_MGRDN SUP_MGRPW MY_HOST MY_PORT
ldapsearch -x -LLL -h ${SUP_HOST} -p ${SUP_PORT} -D "cn=directory manager" \ -w ${SUP_MGRPW} -b "cn=mapping tree,cn=config" "(&(objectclass=nsds5replicationagreement)(nsDS5ReplicaHost=${MY_HOST}) (nsDS5ReplicaPort=${MY_PORT}))" dn nsds5ReplicaUpdateSchedule |perl -p0e 's/\n //g' > /tmp/$$
cat /tmp/$$ |awk 'BEGIN { s = 0 }/^dn: / { print $0;print "changetype: modify";print "replace: nsds5ReplicaUpdateSchedule";print "nsds5ReplicaUpdateSchedule: 0000-2359 0123456";print "-";print "";print $0;print "changetype: modify"; print "replace:nsds5ReplicaUpdateSchedule";}
/^nsds5ReplicaUpdateSchedule: / { s = 1; print $0; }/^$/{if ( $s == 1 ){ print "-" ; print ""; }else{ print "nsds5ReplicaUpdateSchedule: 0000-2359 0123456";print "-" ; print ""; };s = 0; }
' > /tmp/ldif.$$echo "Ldif is in /tmp/ldif.$$"echo
ldapmodify -x -c -h ${SUP_HOST} -p ${SUP_PORT} -D "${SUP_MGRDN}" -w ${SUP_MGRPW} -f /tmp/ldif.$$
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst, I'm new to 389-ds admin , I have cfg a multimaster replication system , and read the RHES -DS documentation find the replicate_now script which is suppose to trigger master rep updates < 10 min, the script fails , there is no option for -1 in ldapsearch ...etc Wodner if any of you have an update script , I 'm running 389-ds on CentoS 6.5 .
Thank you Isabella
As per RHES doc: https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/h...
"Even if the replication agreements are configured to keep the supplier and consumer servers always in sync, it is not sufficient to bring back up-to-date a server that has been offline for over five minutes. The *Always Keep in Sync* option means that the server generates a replication operation for every update operation it processes. However, if this replication operation cannot be performed because the consumer is offline, the operation times out after 10 minutes. 11.15.2. Forcing Replication Updates from the Command Line From the consumer that requires updating, run a script that prompts the supplier to send replication updates immediately. This script is shown in Example 11.5, "replicate_now Script Example" https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_Replication-Forcing_Replication_Updates.html#ex.Replicate_Now_Script_Example.
Copy this example script and name it something like |replicate_now.sh|. Substitute the actual values for the variables listed in Example 11.5, "replicate_now Script Example" https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_Replication-Forcing_Replication_Updates.html#ex.Replicate_Now_Script_Example.
*NOTE*
This script must be run manually since it cannot be configured to run automatically as soon as the server, which was offline, comes back online again."''
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst, I'm new to 389-ds admin , I have cfg a multimaster replication system , and read the RHES -DS documentation find the replicate_now script which is suppose to trigger master rep updates < 10 min, the script fails , there is no option for -1 in ldapsearch ...etc Wodner if any of you have an update script , I 'm running 389-ds on CentoS 6.5 .
Thank you Isabella
ok, so there are two questions - why doesn't the script work - is th escript necesseray
To see why the script isn't working, could you provide the full script and commandline of your latest attempt
I think the doc is not fully correct. If a consumer is taken offline the supplier can no longer reach it and will try in increasing intervals, up to 5 mins, but in my understanding it should retry every 5 mins. If the cinsumer comes online the supplier does not know about this, and so it could be up to 5 mins until the next retry. If you really want immediate respons from the supplier the the suplier has to be notified eg by this script. But if the consumer has been offline for some time it could probaly be acceptable to wait the 5 extra mins
Ludwig
On 11/13/2014 05:09 PM, ghiureai wrote:
As per RHES doc: https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/h...
"Even if the replication agreements are configured to keep the supplier and consumer servers always in sync, it is not sufficient to bring back up-to-date a server that has been offline for over five minutes. The *Always Keep in Sync* option means that the server generates a replication operation for every update operation it processes. However, if this replication operation cannot be performed because the consumer is offline, the operation times out after 10 minutes. 11.15.2. Forcing Replication Updates from the Command Line From the consumer that requires updating, run a script that prompts the supplier to send replication updates immediately. This script is shown in Example 11.5, “replicate_now Script Example” https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_Replication-Forcing_Replication_Updates.html#ex.Replicate_Now_Script_Example.
Copy this example script and name it something like |replicate_now.sh|. Substitute the actual values for the variables listed in Example 11.5, “replicate_now Script Example” https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_Replication-Forcing_Replication_Updates.html#ex.Replicate_Now_Script_Example.
*NOTE*
This script must be run manually since it cannot be configured to run automatically as soon as the server, which was offline, comes back online again."''
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst, I'm new to 389-ds admin , I have cfg a multimaster replication system , and read the RHES -DS documentation find the replicate_now script which is suppose to trigger master rep updates < 10 min, the script fails , there is no option for -1 in ldapsearch ...etc Wodner if any of you have an update script , I 'm running 389-ds on CentoS 6.5 .
Thank you Isabella
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
On 11/13/2014 09:27 AM, Ludwig Krispenz wrote:
ok, so there are two questions
- why doesn't the script work
- is th escript necesseray
To see why the script isn't working, could you provide the full script and commandline of your latest attempt
I think the doc is not fully correct. If a consumer is taken offline the supplier can no longer reach it and will try in increasing intervals, up to 5 mins, but in my understanding it should retry every 5 mins. If the cinsumer comes online the supplier does not know about this, and so it could be up to 5 mins until the next retry. If you really want immediate respons from the supplier the the suplier has to be notified eg by this script. But if the consumer has been offline for some time it could probaly be acceptable to wait the 5 extra mins
Ludwig
https://bugzilla.redhat.com/show_bug.cgi?id=1163902
On 11/13/2014 05:09 PM, ghiureai wrote:
As per RHES doc: https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/h...
"Even if the replication agreements are configured to keep the supplier and consumer servers always in sync, it is not sufficient to bring back up-to-date a server that has been offline for over five minutes. The *Always Keep in Sync* option means that the server generates a replication operation for every update operation it processes. However, if this replication operation cannot be performed because the consumer is offline, the operation times out after 10 minutes. 11.15.2. Forcing Replication Updates from the Command Line From the consumer that requires updating, run a script that prompts the supplier to send replication updates immediately. This script is shown in Example 11.5, “replicate_now Script Example” https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_Replication-Forcing_Replication_Updates.html#ex.Replicate_Now_Script_Example.
Copy this example script and name it something like |replicate_now.sh|. Substitute the actual values for the variables listed in Example 11.5, “replicate_now Script Example” https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_Replication-Forcing_Replication_Updates.html#ex.Replicate_Now_Script_Example.
*NOTE*
This script must be run manually since it cannot be configured to run automatically as soon as the server, which was offline, comes back online again."''
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst, I'm new to 389-ds admin , I have cfg a multimaster replication system , and read the RHES -DS documentation find the replicate_now script which is suppose to trigger master rep updates < 10 min, the script fails , there is no option for -1 in ldapsearch ...etc Wodner if any of you have an update script , I 'm running 389-ds on CentoS 6.5 .
Thank you Isabella
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Hi Ludwing, Glad to hear some things make sense, the doc says 10 min to wait until in sync data, I can't afford wasting time if there are < 24 hours logs to be applied to slave and users are connecting right away.
Bellow is my script, I done some changes as per Rich advise.
my OS : Linux el6.x86_64 #1 SMP Thu Nov 21 13:35:52 CST 2013 x86_64 x86_64 x86_64 GNU/Linu running from host2, :scripts$ ./replicate_now.sh ./replicate_now.sh + SUP_HOST=host1.org.com + SUP_PORT=636 + SUP_MGRPW=passwd + MY_HOST=host2.org.com + MY_PORT=636 + export SUP_HOST SUP_PORT SUP_MGRDN SUP_MGRPW MY_HOST MY_PORT + ldapsearch -x -LLL -h proc5-01.cadc.dao.nrc.ca -p 636 -D 'cn=directory manager' -w 04sirnea -b 'cn=mapping tree,cn=config'
************************************************************************* Here is my script: #!/bin/sh -x SUP_HOST=host1.org.com SUP_PORT=636 #SUP_MGRDN=cn=directory manager SUP_MGRPW=passwd MY_HOST=host2.org.com MY_PORT=636 export SUP_HOST SUP_PORT SUP_MGRDN SUP_MGRPW MY_HOST MY_PORT
ldapsearch -x -LLL -h ${SUP_HOST} -p ${SUP_PORT} -D "cn=directory manager" \ -w ${SUP_MGRPW} -b "cn=mapping tree,cn=config" "(&(objectclass=nsds5replicationagreement)(nsDS5ReplicaHost=${MY_HOST}) (nsDS5ReplicaPort=${MY_PORT}))" dn nsds5ReplicaUpdateSchedule |perl -p0e 's/\n //g' > /tmp/$$
cat /tmp/$$ |awk 'BEGIN { s = 0 }/^dn: / { print $0;print "changetype: modify";print "replace: nsds5ReplicaUpdateSchedule";print "nsds5ReplicaUpdateSchedule: 0000-2359 0123456";print "-";print "";print $0;print "changetype: modify"; print "replace:nsds5ReplicaUpdateSchedule";}
/^nsds5ReplicaUpdateSchedule: / { s = 1; print $0; }/^$/{if ( $s == 1 ){ print "-" ; print ""; }else{ print "nsds5ReplicaUpdateSchedule: 0000-2359 0123456";print "-" ; print ""; };s = 0; }
' > /tmp/ldif.$$echo "Ldif is in /tmp/ldif.$$"echo
ldapmodify -x -c -h ${SUP_HOST} -p ${SUP_PORT} -D "${SUP_MGRDN}" -w ${SUP_MGRPW} -f /tmp/ldif.$$
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst, I'm new to 389-ds admin , I have cfg a multimaster replication system , and read the RHES -DS documentation find the replicate_now script which is suppose to trigger master rep updates < 10 min, the script fails , there is no option for -1 in ldapsearch ...etc Wodner if any of you have an update script , I 'm running 389-ds on CentoS 6.5 .
Thank you Isabella
On 11/13/2014 09:57 AM, ghiureai wrote:
Hi Ludwing, Glad to hear some things make sense, the doc says 10 min to wait until in sync data, I can't afford wasting time if there are < 24 hours logs to be applied to slave and users are connecting right away.
Bellow is my script, I done some changes as per Rich advise.
Please see updated instructions at https://bugzilla.redhat.com/show_bug.cgi?id=1163902
Hi, On 11/13/2014 05:57 PM, ghiureai wrote:
Hi Ludwing, Glad to hear some things make sense, the doc says 10 min to wait until in sync data, I can't afford wasting time if there are < 24 hours logs to be applied to slave and users are connecting right away.
Bellow is my script, I done some changes as per Rich advise.
my OS : Linux el6.x86_64 #1 SMP Thu Nov 21 13:35:52 CST 2013 x86_64 x86_64 x86_64 GNU/Linu running from host2, :scripts$ ./replicate_now.sh ./replicate_now.sh
- SUP_HOST=host1.org.com
- SUP_PORT=636
- SUP_MGRPW=passwd
- MY_HOST=host2.org.com
- MY_PORT=636
- export SUP_HOST SUP_PORT SUP_MGRDN SUP_MGRPW MY_HOST MY_PORT
- ldapsearch -x -LLL -h proc5-01.cadc.dao.nrc.ca -p 636 -D
'cn=directory manager' -w 04sirnea -b 'cn=mapping tree,cn=config'
did you edit the output of the script ? the listing of the variables and the use in ldapsearch doesn't match eg host1.org.com <> proc5-01.cadc.dao.nrc.ca
and in the script itself, is it a copy and paste issue or do you have the continuation char '' at the new line instead of at the end of the line to be continued, the +ldapsearch output seems truncated
Here is my script: #!/bin/sh -x SUP_HOST=host1.org.com SUP_PORT=636 #SUP_MGRDN=cn=directory manager SUP_MGRPW=passwd MY_HOST=host2.org.com MY_PORT=636 export SUP_HOST SUP_PORT SUP_MGRDN SUP_MGRPW MY_HOST MY_PORT
ldapsearch -x -LLL -h ${SUP_HOST} -p ${SUP_PORT} -D "cn=directory manager" \ -w ${SUP_MGRPW} -b "cn=mapping tree,cn=config" "(&(objectclass=nsds5replicationagreement)(nsDS5ReplicaHost=${MY_HOST}) (nsDS5ReplicaPort=${MY_PORT}))" dn nsds5ReplicaUpdateSchedule |perl -p0e 's/\n //g' > /tmp/$$
cat /tmp/$$ |awk 'BEGIN { s = 0 }/^dn: / { print $0;print "changetype: modify";print "replace: nsds5ReplicaUpdateSchedule";print "nsds5ReplicaUpdateSchedule: 0000-2359 0123456";print "-";print "";print $0;print "changetype: modify"; print "replace:nsds5ReplicaUpdateSchedule";}
/^nsds5ReplicaUpdateSchedule: / { s = 1; print $0; }/^$/{if ( $s == 1 ){ print "-" ; print ""; }else{ print "nsds5ReplicaUpdateSchedule: 0000-2359 0123456";print "-" ; print ""; };s = 0; }
' > /tmp/ldif.$$echo "Ldif is in /tmp/ldif.$$"echo
ldapmodify -x -c -h ${SUP_HOST} -p ${SUP_PORT} -D "${SUP_MGRDN}" -w ${SUP_MGRPW} -f /tmp/ldif.$$
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst, I'm new to 389-ds admin , I have cfg a multimaster replication system , and read the RHES -DS documentation find the replicate_now script which is suppose to trigger master rep updates < 10 min, the script fails , there is no option for -1 in ldapsearch ...etc Wodner if any of you have an update script , I 'm running 389-ds on CentoS 6.5 .
Thank you Isabella
389-users@lists.fedoraproject.org