[389-users] memberof entries not appearing in replica with memberof plugin

John A. Sullivan III jsullivan at opensourcedevel.com
Wed Nov 11 04:35:20 UTC 2009

Hello, all.  I'm running CentOS Directory Server 8.1 on CentOS 5.4.  For
some reason, the memberof plugin does not seem to be working on the
replica.  My first suspicion is we have done something wrong but I
wonder if there is an error in the documentation.  Here are the details.

We are single master setup with a single replica.  We noticed some of
our LDAP queries were not correctly detecting group membership.  We
double checked the memberofplugin configuration and, for some reason, it
seem to have reverted to looking at member instead of uniquemember.  We
changed this on the master and our problem went away.

However, in the process of double-checking our steps, we read that the
memberof attribute should NOT be replicated.  We had not excluded it.
So, we destroyed the replication agreement, created a new fractional
replication enabled one, and reinitialized the replica.  All of the
memberof information was missing from all users on the replica.  We then
tried to rebuild it by running the fixup-memberof.pl script.  That
didn't work.  We then simply tried deleting users from groups and adding
them to see if that would work. It worked fine on the master but not on
the replica.

Is the documentation in error and replication of memberof should be
excluded only in multimaster but should be propagated to consumers or
have we done something wrong? I compared the memberofplugin definitions
in dse.ldif on both and they look identical including being enabled.
Nothing is jumping out in the error or audit logs.

We eventually added memberof to the replication agreement and
resynchronized just to get the data across.  We've pulled it back out
and, as expected, any changes are not replicating.  What are we doing
wrong? Where do we look next to troubleshoot it? Thanks - John
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan at opensourcedevel.com

Making Christianity intelligible to secular society

More information about the Fedora-directory-users mailing list