Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Open Directory Replica and Kerio
  •  
henk

Messages: 39
Karma: 0
Send a private message to this user
Hello all.

First a problem that is bugging us for a while. At one of our sites we have two identical Xserve's from which one is the OD Master and one is the OD Replica. Out of the box, freshly installed servers with all updates and a fresh and fully updated Kerio installation on the OD Master.

The replica is set up and seems to be replicating our OD users fine but still we got an error in Open Directory - Settings - General:

ERROR (See /var/run/openldap-slurp/replica/.rej)

I've posted the log a few weeks ago at another forum and they concluded that the Kerio schema isn't installed on the OD replica. I've tried to install the Open Directory extensions on the replica but get an error that the Kerio mailserver isn't installed on the replica (which is correct) and therefore cannot install anything.

Then I tried to install things manually using a few tips on these forums and the article found here:

http://www.afp548.com/article.php?story=20060228230005854&am p;query=schema

I eventually added the schema file by hand to /etc/openldap/schema on the replica. The schema was already present, but I just started over and re-added it anyway. Then I included the schema to the /etc/openldap/slapd.conf. I restarted OD master and replica but afterwards the problem persists. I even just copied all the appropriate files with scp to the replica but the outcome is the same.

What am I doing wrong? We can't certainly not be the only one in a Master - Replica setup? Is there a setup document how to setup it correctly? Any help is greatly appreciated.
  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
One crucial information is missing - what OS version is on the master and replica?
There is no issue with 10.5 Leopard - Open Directory extension 6.6.x is correctly migrated to new replica. OD Extension MUST NOT be installed on the replica manually.
It is much worse on the Tiger as 10.4. Mac OS X does not support replication of custom attributes in Open Directory.

Solution for Tiger:
1. Create a new replica.
2. Install ODExt 6.6.x on the replica.
3. When the replica is created, open Terminal and run:

slapconfig -stopldapserver
slapadd -v -f /etc/openldap/slapd.conf -c -l /var/db/openldap/openldap-data/backup.ldif
slapconfig -startldapserver
slapconfig -startreplicator

Now, all users from the master are migrated to the replica and the replica is extended by Kerio attributes.

[Updated on: Tue, 13 January 2009 22:42]

  •  
henk

Messages: 39
Karma: 0
Send a private message to this user
Thanks you so much for replying.

Kerio_pdobry wrote on Tue, 13 January 2009 22:41

One crucial information is missing - what OS version is on the master and replica?


Both are 10.5.5 and are freshly installed, this isn't an upgrade from 10.4

Kerio_pdobry wrote on Tue, 13 January 2009 22:41

There is no issue with 10.5 Leopard - Open Directory extension 6.6.x is correctly migrated to new replica. OD Extension MUST NOT be installed on the replica manually.


OK, it gave me the 'You don't have Kerio mailserver running' error already so that figures. But how SHOULD they be installed then?

Kerio_pdobry wrote on Tue, 13 January 2009 22:41

It is much worse on the Tiger as 10.4. Mac OS X does not support replication of custom attributes in Open Directory.

Solution for Tiger:
1. Create a new replica.
2. Install ODExt 6.6.x on the replica.
3. When the replica is created, open Terminal and run:

slapconfig -stopldapserver
slapadd -v -f /etc/openldap/slapd.conf -c -l /var/db/openldap/openldap-data/backup.ldif
slapconfig -startldapserver
slapconfig -startreplicator

Now, all users from the master are migrated to the replica and the replica is extended by Kerio attributes.



Just to be sure, this is only for Tiger right? So this doesn't go for our situation (since we have 10.5.5)?
  •  
henk

Messages: 39
Karma: 0
Send a private message to this user
  •  
altivec

Messages: 98

Karma: 0
Send a private message to this user
bump!

I have the same issue.

Two Xserve

Xserve 1:
OD Master
Kerio MailServer 6.6.2
Kerio OD Plug-In

Xserve 2:
OD Replica
Kerio OD Plug-In

I still have the error and the replica works for couple hours when modification are done on the Master but after that it stop replicate.


Thank!

KMS1 6.7.2: Xserve 10.5.8 - 150 users
KMS2 6.7.2: Xserve 10.5.8 - 50 users
KMS3 6.7.2: Xserve 10.5.8 - 10 users/MX BackUp
KMS4 Beta: Xserve 10.5.8 - MX BackUp2
iPhone/WindowsMobile/Blackberry/Nokia

KWF Beta: HP DL380 on ESXi 4.0 - 60 users
  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
altivec wrote on Thu, 05 February 2009 14:56

bump!
I have the same issue.
Two Xserve
Xserve 1:
OD Master
Kerio MailServer 6.6.2
Kerio OD Plug-In

Xserve 2:
OD Replica
Kerio OD Plug-In

I still have the error and the replica works for couple hours when modification are done on the Master but after that it stop replicate.
Thank!


In case that both OD servers are running Leopard 10.5.3 and later, Kerio OD Extension must not be installed on the replica. OD Master propagates all necessary changes to all new OD replicas created after Kerio OD installation on the OD master.

Installing Kerio OD Extension manually on the OD replica may break replication and cause the OD replica to refuse start due to duplicate data in the LDAP schema.

If the replication process does not migrate all data from the OD master, check slapconfig log on the replica server for possible errors.
  •  
altivec

Messages: 98

Karma: 0
Send a private message to this user
Thank for the info.

So what should i do now ?

Can i uninstall the Kerio OD Plug-In and just recreate the Replica ?

Will it fix the issue ?

Any operation needed on the OD Master ?


Thank!

KMS1 6.7.2: Xserve 10.5.8 - 150 users
KMS2 6.7.2: Xserve 10.5.8 - 50 users
KMS3 6.7.2: Xserve 10.5.8 - 10 users/MX BackUp
KMS4 Beta: Xserve 10.5.8 - MX BackUp2
iPhone/WindowsMobile/Blackberry/Nokia

KWF Beta: HP DL380 on ESXi 4.0 - 60 users
  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
henk wrote on Thu, 15 January 2009 08:11

Thanks you so much for replying.

Both are 10.5.5 and are freshly installed, this isn't an upgrade from 10.4


It should work then automatically.

Quote:


OK, it gave me the 'You don't have Kerio mailserver running' error already so that figures. But how SHOULD they be installed then?



I'm not sure where the message comes from (does not sound familiar). Anyway, make sure all data are correctly migrated to the OD replica (verify that all user accounts are there) and make sure that credentials used in Domain Settings for mapping users from OD are correct.
Also, please note that it is not possible to change data in OD replicas, therefore changing user attributes (except the password) when KMS is connected to the replica will not work.

Quote:


Just to be sure, this is only for Tiger right? So this doesn't go for our situation (since we have 10.5.5)?



Yes, this is only for Tiger and Leopard 10.5.0,10.5.1 and 10.5.2.
  •  
altivec

Messages: 98

Karma: 0
Send a private message to this user
OD Plug-In have been install with the Kerio Installer only as it was brought in older thread long ago.

What should i do now to clean up the mess ?

Uninstall OD Plug-In on replica ?
Promote to Standalone then to Replica again ?
Anything to do on the OD Master ?

KMS1 6.7.2: Xserve 10.5.8 - 150 users
KMS2 6.7.2: Xserve 10.5.8 - 50 users
KMS3 6.7.2: Xserve 10.5.8 - 10 users/MX BackUp
KMS4 Beta: Xserve 10.5.8 - MX BackUp2
iPhone/WindowsMobile/Blackberry/Nokia

KWF Beta: HP DL380 on ESXi 4.0 - 60 users
  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
altivec wrote on Thu, 05 February 2009 15:40

Thank for the info.

So what should i do now ?
Can i uninstall the Kerio OD Plug-In and just recreate the Replica ?
Will it fix the issue ?
Any operation needed on the OD Master ?
Thank!


1. Make sure that Kerio OD Extension 6.6.2 is installed on the OD master.
2. Uninstall Kerio OD Extension from the OD replica.
3. Destroy the replica. Create new one.
4. Check slapconfig log in the Console. If there are no errors, it's finished.
  •  
altivec

Messages: 98

Karma: 0
Send a private message to this user
Great, i'll give it a try tonight i'll keep u update in the morning if the replica still keep up.

KMS1 6.7.2: Xserve 10.5.8 - 150 users
KMS2 6.7.2: Xserve 10.5.8 - 50 users
KMS3 6.7.2: Xserve 10.5.8 - 10 users/MX BackUp
KMS4 Beta: Xserve 10.5.8 - MX BackUp2
iPhone/WindowsMobile/Blackberry/Nokia

KWF Beta: HP DL380 on ESXi 4.0 - 60 users
  •  
henk

Messages: 39
Karma: 0
Send a private message to this user
I'll try also asap.

Edit: Although I do not expect this to solve my issues. We had the problems before installation of the OD extensions, else we wouldn't have installed them in the first place.

[Updated on: Fri, 06 February 2009 07:29]

  •  
altivec

Messages: 98

Karma: 0
Send a private message to this user
I still have the issue on the OD Master here the LDAP logs error as the useal:

Feb 6 09:22:04 prime slapd[69610]: <= bdb_equality_candidates: (kerio-Mail-Address) index_param failed (18)
Feb 6 09:22:34: --- last message repeated 13 times ---

KMS1 6.7.2: Xserve 10.5.8 - 150 users
KMS2 6.7.2: Xserve 10.5.8 - 50 users
KMS3 6.7.2: Xserve 10.5.8 - 10 users/MX BackUp
KMS4 Beta: Xserve 10.5.8 - MX BackUp2
iPhone/WindowsMobile/Blackberry/Nokia

KWF Beta: HP DL380 on ESXi 4.0 - 60 users
  •  
henk

Messages: 39
Karma: 0
Send a private message to this user
We've destroyed the OD replica and made sure we had a complete stand alone server. The Kerio OD Extensions were already version 6.6.2 but we've re-installed them anyway on the OD master. Both were rebooted after the process. After the reboot we promoted the stand alone server to the OD replica again and the problem remains. Both were restarted again and the problem was still the same. I tried these steps because support asks me to but I was pretty sure it wouldn't solve my problems. The reason being that we had this problem right after the clean install of both servers, before the OD extensions were even installed on the replica.

Please advice how to proceed from here.
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
henk wrote on Thu, 12 February 2009 10:21

We've destroyed the OD replica and made sure we had a complete stand alone server. The Kerio OD Extensions were already version 6.6.2 but we've re-installed them anyway on the OD master. Both were rebooted after the process. After the reboot we promoted the stand alone server to the OD replica again and the problem remains. Both were restarted again and the problem was still the same. I tried these steps because support asks me to but I was pretty sure it wouldn't solve my problems. The reason being that we had this problem right after the clean install of both servers, before the OD extensions were even installed on the replica.
Please advice how to proceed from here.


Can you be more specific about what "this problem" is? Is it a replication issue that some changes are nor replicated with slurpd?
Can you send us the /Library/Logs/slapconfig.log?

Also, I'm still confused about "Kerio Mailserver is not installed" error because Kerio OpenDirectory Extention does not check presence of KMS at all. Where did you get the error?
Previous Topic: Updating tasks - and inform the sender?
Next Topic: Does anyone use KOFF and NOT have problems?
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Sep 21 06:51:53 CEST 2017

Total time taken to generate the page: 0.00557 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.