<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hi Christoph,<br>
<br>
bad news. So to summarize, you have a procedure to cleanup your env,
but once you restart the master the ghosts are back.<br>
<br>
I really want to find out where they are coming from, so If you have
to restart your server, could you please lookup these data, after
the server is stopped:<br>
<br>
dbscan -f
/var/lib/dirsrv/slapd-<INSTANCE>s/db/userRoot/nsuniqueid.db -k
=ffffffff-ffffffff-ffffffff-ffffffff -r<br>
=ffffffff-ffffffff-ffffffff-ffffffff <br>
3 <br>
this gives you the RUVID and you can look it up in the database<br>
[root@elkris scripts]# dbscan -f
/var/lib/dirsrv/slapd-<INSTANCE>/db/userRoot/id2entry.db -K
<RUVID><br>
id 3<br>
rdn: nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff<br>
nsUniqueId: ffffffff-ffffffff-ffffffff-ffffffff<br>
objectClass: top<br>
objectClass: nsTombstone<br>
objectClass: extensibleobject<br>
nsds50ruv: {replicageneration} 51dc3bac000000640000<br>
nsds50ruv: {replica 100 <a class="moz-txt-link-freetext" href="ldap://localhost:30522">ldap://localhost:30522</a>}
557fd541000000640000 557fd9d30<br>
00000640000<br>
nsds50ruv: {replica 200 <a class="moz-txt-link-freetext" href="ldap://localhost:4945">ldap://localhost:4945</a>}
557fd6e6000000c80000 557fda0e00<br>
......<br>
<br>
then check the contents of the changelog:<br>
[root@elkris scripts]# dbscan -f
/var/lib/dirsrv/slapd-<INSTANCE>/changelogdb/ec450682-7c0a11e2-aa0e8005-8430f734_51dc3bac000000640000.db
| more<br>
<br>
the first entries contain th ruv data:<br>
dbid: 0000006f000000000000<br>
entry count: 307<br>
<br>
dbid: 000000de000000000000<br>
purge ruv:<br>
{replicageneration} 51dc3bac000000640000<br>
{replica 100 <a class="moz-txt-link-freetext" href="ldap://localhost:30522">ldap://localhost:30522</a>}<br>
{replica 200 <a class="moz-txt-link-freetext" href="ldap://localhost:30522">ldap://localhost:30522</a>}<br>
<br>
dbid: 0000014d000000000000<br>
max ruv:<br>
{replicageneration} 51dc3bac000000640000<br>
{replica 100} 557fd541000000640000 557fd9d3000000640000<br>
{replica 200} 557fd6e6000000c80000 557fda0e000000c80000<br>
<br>
<br>
<br>
<div class="moz-cite-prefix">On 06/12/2015 07:38 AM, Christoph
Kaminski wrote:<br>
</div>
<blockquote
cite="mid:OF6E96761C.C618729D-ONC1257E62.001EAAAF-C1257E62.001EF495@biotronik.com"
type="cite"><tt><font size="2">I've been too early pleased :/
After ipactl restart of
our first master (where we re-initialize from) are the 'ghost'
rids again
there...</font></tt>
<br>
<br>
<tt><font size="2">I think there is something like a fs backup for
dirsrv
(changelog?) but where? </font></tt>
<br>
<br>
<tt><font size="2">> <br>
> we had the same problem (and some more) and yesterday we
have <br>
> successfully cleaned the gohst rid's</font></tt>
<br>
<tt><font size="2">> <br>
> our fix:</font></tt>
<br>
<tt><font size="2">> <br>
> 1. stop all cleanallruv Tasks, if it works with
ipa-replica-manage
<br>
> abort-clean-ruv. It hasnt worked here. We have done it
manually on
<br>
> ALL replicas with:</font></tt>
<br>
<tt><font size="2">> a) replica stop</font></tt>
<br>
<tt><font size="2">> b) delete all nsds5ReplicaClean from
/etc/dirsrv/slapd-HSO/dse.ldif</font></tt>
<br>
<tt><font size="2">> c) replica start</font></tt>
<br>
<tt><font size="2">> <br>
> 2. prepare on EACH ipa a cleanruv ldif file with ALL
ghost rids <br>
> inside (really ALL from all ipa replicas, we has had some
rids only
<br>
> on some replicas...)</font></tt>
<br>
<tt><font size="2">> Example:</font></tt>
<br>
<tt><font size="2">> <br>
> dn: cn=replica,cn=dc\3Dexample,cn=mapping tree,cn=config</font></tt>
<br>
<tt><font size="2">> changetype: modify</font></tt>
<br>
<tt><font size="2">> replace: nsds5task</font></tt>
<br>
<tt><font size="2">> nsds5task:CLEANRUV11</font></tt>
<br>
<tt><font size="2">> <br>
> dn: cn=replica,cn=dc\3Dexample,cn=mapping tree,cn=config</font></tt>
<br>
<tt><font size="2">> changetype: modify</font></tt>
<br>
<tt><font size="2">> replace: nsds5task</font></tt>
<br>
<tt><font size="2">> nsds5task:CLEANRUV22</font></tt>
<br>
<tt><font size="2">> <br>
> dn: cn=replica,cn=dc\3Dexample,cn=mapping tree,cn=config</font></tt>
<br>
<tt><font size="2">> changetype: modify</font></tt>
<br>
<tt><font size="2">> replace: nsds5task</font></tt>
<br>
<tt><font size="2">> nsds5task:CLEANRUV37</font></tt>
<br>
<tt><font size="2">> ...</font></tt>
<br>
<tt><font size="2">> <br>
> 3. do a "ldapmodify -h 127.0.0.1 -D "cn=Directory
Manager"
-W -x -f <br>
> $your-cleanruv-file.ldif" on all replicas AT THE SAME
TIME :)
we <br>
> used terminator for it (</font></tt><a
moz-do-not-send="true" href="https://launchpad.net/terminator"><tt><font
size="2">https://launchpad.net/terminator</font></tt></a><tt><font
size="2">).
You can <br>
> open multiple shell windows inside one window and send to
all at the<br>
> same time the same commands...</font></tt>
<br>
<tt><font size="2">> <br>
> 4. we have done a re-initialize of each IPA from our
first master</font></tt>
<br>
<tt><font size="2">> <br>
> 5. restart of all replicas</font></tt>
<br>
<tt><font size="2">> <br>
> we are not sure about the point 3 and 4. Maybe they are
not <br>
> necessary, but we have done it.</font></tt>
<br>
<tt><font size="2">> <br>
> If something fails look at defect LDAP entries in whole
ldap, we <br>
> have had some entries with 'nsunique-$HASH' after the
'normal' name.<br>
> We have deleted them.</font></tt>
<br>
<tt><font size="2">> <br>
> MfG<br>
> Christoph Kaminski<br>
> <br>
> <br>
</font></tt>
<br>
<font face="sans-serif" size="2"><br>
<br>
</font>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
</blockquote>
<br>
</body>
</html>