Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-3029

dsreplication disable --disableAll does not remove all replication data from other instances' cn=admin data backend.

    Details

      Description

      When decommissioning a DJ replica, “dsreplication disable --disableAll” does not remove all replication data from other instances cn=admin data backend.

      Use Case:

      1. Setup three replicated Master’s
      2. Disable Master2’s replication using dsreplication --set enabled:false
      3. Disable Master2 with dsreplication disable --disableAll.
      4. Stop Master2 and remove the server.

      Behavior:

      The decomissioned Master2’s data still exists in the other two servers cn=admin data backend and dsreplication status throws an javax.naming.CommunicationException.

      Example:

      1. Install 3 Masters
      2. Check replication status throughout.
      3. Decommission Master2 with the above commands
      4. Check replication status.

      Checking status for opendj.forgerock.com:4444 Tue May 17 13:27:40 MDT 2016

      Suffix DN           : Server                    : Entries : Replication enabled : DS ID : RS ID : RS Port (1) : M.C. (2) : A.O.M.C. (3) : Security (4)
      --------------------:---------------------------:---------:---------------------:-------:-------:-------------:----------:--------------:-------------
      dc=forgerock,dc=com : opendj.forgerock.com:4444 : 1000    : true                : 10000 : 10000 : 8989        : 0        :              : false
      dc=forgerock,dc=com : opendj.forgerock.com:5444 : 1000    : true                : 9949  : 12181 : 9989        : 0        :              : true
      dc=forgerock,dc=com : opendj.forgerock.com:6444 : 1000    : true                : 24720 : 28569 : 10989       : 0        :              : true
      

      Temporarily disable replication per Procedure 9.4. To Stop Replication Temporarily For a Replica

      ./dsconfig set-synchronization-provider-prop --port 5444 --hostname opendj.forgerock.com --bindDN "cn=Directory Manager" --bindPassword password --provider-name "Multimaster Synchronization" --set enabled:false --trustAll --no-prompt
      

      Checking status for opendj.forgerock.com:4444 Tue May 17 13:28:59 MDT 2016

      Suffix DN           : Server                    : Entries : Replication enabled : DS ID : RS ID : RS Port (1) : M.C. (2) : A.O.M.C. (3) : Security (4)
      --------------------:---------------------------:---------:---------------------:-------:-------:-------------:----------:--------------:-------------
      dc=forgerock,dc=com : opendj.forgerock.com:4444 : 1000    : true                : 10000 : 10000 : 8989        : 0        :              : false
      dc=forgerock,dc=com : opendj.forgerock.com:5444 : 1000    : false               : 9949  : 12181 : 9989        :          :              : false
      dc=forgerock,dc=com : opendj.forgerock.com:6444 : 1000    : true                : 24720 : 28569 : 10989       : 1        :              : true
      

      Permanently disable replication per Procedure 9.5. To Stop Replication Permanently For a Replica

      ./dsreplication disable --disableAll --port 5444 --hostname opendj.forgerock.com --adminUID admin --adminPassword password --trustAll --no-prompt
      
      Establishing connections ..... Done.
      Disabling replication on base DN dc=forgerock,dc=com of server
      opendj.forgerock.com:5444 .....Done.
      Disabling replication on base DN cn=schema of server opendj.forgerock.com:5444
      .....Done.
      Disabling replication on base DN cn=admin data of server
      opendj.forgerock.com:5444 .....Done.
      Removing references on base DN cn=admin data of server
      opendj.forgerock.com:6444 .....Done.
      Removing references on base DN dc=forgerock,dc=com of server
      opendj.forgerock.com:6444 .....Done.
      Removing references on base DN cn=schema of server opendj.forgerock.com:6444
      .....Done.
      Removing references on base DN cn=admin data of server
      opendj.forgerock.com:4444 .....Done.
      Removing references on base DN dc=forgerock,dc=com of server
      opendj.forgerock.com:4444 .....Done.
      Removing references on base DN cn=schema of server opendj.forgerock.com:4444
      .....Done.
      Disabling replication port 9989 of server opendj.forgerock.com:5444 ..... Done.
      Removing registration information ..... Done.
      
      See
      /var/folders/32/hqbp0t2n5k73f9ssp3ssc9740000gn/T/opendj-replication-1376734918196422025.log
      for a detailed log of this operation.
      

      Checking status for opendj.forgerock.com:4444 Tue May 17 13:30:02 MDT 2016

      Note: even though we’ve used “disable --disableAll”, opendj.forgerock.com:5444 still show’s up in the replication status.

      Suffix DN           : Server                    : Entries : Replication enabled : DS ID : RS ID : RS Port (1) : M.C. (2) : A.O.M.C. (3) : Security (4)
      --------------------:---------------------------:---------:---------------------:-------:-------:-------------:----------:--------------:-------------
      dc=forgerock,dc=com : opendj.forgerock.com:5444 : 1000    :                     :       :       :             :          :              : 
      dc=forgerock,dc=com : opendj.forgerock.com:4444 : 1000    : true                : 10000 : 10000 : 8989        : 0        :              : false
      dc=forgerock,dc=com : opendj.forgerock.com:6444 : 1000    : true                : 24720 : 28569 : 10989       : 0        :              : true
      

      Stop Master 2 - opendj.forgerock.com:5444

      Checking status for opendj.forgerock.com:4444 Tue May 17 13:31:07 MDT 2016

      The displayed information might not be complete because the following errors
      were encountered reading the configuration of the existing servers:
      
      Error on opendj.forgerock.com:5444: An error occurred connecting to the
      server.  Details: javax.naming.CommunicationException:
      opendj.forgerock.com:5444 [Root exception is java.net.ConnectException:
      Connection refused]
      
      Suffix DN           : Server                    : Entries : Replication enabled : DS ID : RS ID : RS Port (1) : M.C. (2) : A.O.M.C. (3) : Security (4)
      --------------------:---------------------------:---------:---------------------:-------:-------:-------------:----------:--------------:-------------
      dc=forgerock,dc=com : opendj.forgerock.com:4444 : 1000    : true                : 10000 : 10000 : 8989        : 0        :              : false
      dc=forgerock,dc=com : opendj.forgerock.com:6444 : 1000    : true                : 24720 : 28569 : 10989       : 0        :              : true
      

      Results:

      Master 1 and 3 have left over data in the admin-backed.ldif while the replica information was removed from the config.ldif.

      opendj; config/$ diff config.ldif backup/config.ldif 
      1971a1972
      > ds-cfg-replication-server: opendj.forgerock.com:9989
      1979c1980
      < modifyTimestamp: 20160517193856Z
      ---
      > modifyTimestamp: 20160517193754Z
      1991a1993
      > ds-cfg-replication-server: opendj.forgerock.com:9989
      1999c2001
      < modifyTimestamp: 20160517193856Z
      ---
      > modifyTimestamp: 20160517193754Z
      2011a2014
      > ds-cfg-replication-server: opendj.forgerock.com:9989
      2019c2022
      < modifyTimestamp: 20160517193856Z
      ---
      > modifyTimestamp: 20160517193753Z
      2031a2035
      > ds-cfg-replication-server: opendj.forgerock.com:9989
      2040c2044
      < modifyTimestamp: 20160517193856Z
      ---
      > modifyTimestamp: 20160517193753Z
      opendj; config/$ diff admin-backend.ldif backup/admin-backend.ldif 
      
      opendj; config/$ diff config.ldif backup/config.ldif
      1979a1980
      > ds-cfg-replication-server: opendj.forgerock.com:9989
      1984d1984
      < entryUUID: 513e0cd8-c2ef-48e2-a5ea-74a8e0a0b21a
      1986,1987c1986
      < modifiersName: cn=admin,cn=Administrators,cn=admin data
      < modifyTimestamp: 20160517193856Z
      ---
      > entryUUID: 513e0cd8-c2ef-48e2-a5ea-74a8e0a0b21a
      1999a1999
      > ds-cfg-replication-server: opendj.forgerock.com:9989
      2004d2003
      < entryUUID: 0d531c07-95ec-4b25-9c5f-ed458d895c67
      2006,2007c2005
      < modifiersName: cn=admin,cn=Administrators,cn=admin data
      < modifyTimestamp: 20160517193856Z
      ---
      > entryUUID: 0d531c07-95ec-4b25-9c5f-ed458d895c67
      2019a2018
      > ds-cfg-replication-server: opendj.forgerock.com:9989
      2024d2022
      < entryUUID: cd6cd4d5-bbba-49bf-83f0-efa2442b404b
      2026,2027c2024
      < modifiersName: cn=admin,cn=Administrators,cn=admin data
      < modifyTimestamp: 20160517193856Z
      ---
      > entryUUID: cd6cd4d5-bbba-49bf-83f0-efa2442b404b
      2039a2037
      > ds-cfg-replication-server: opendj.forgerock.com:9989
      2045d2042
      < entryUUID: 7d5a938d-3006-4e0b-8fdf-e73ced3cf4a5
      2047,2048c2044
      < modifiersName: cn=admin,cn=Administrators,cn=admin data
      < modifyTimestamp: 20160517193856Z
      ---
      > entryUUID: 7d5a938d-3006-4e0b-8fdf-e73ced3cf4a5
      opendj; config/$ diff admin-backend.ldif backup/admin-backend.ldif
      
      opendj; config/$ pwd
      /opt/instances/replissue/master1/config
      opendj; config/$ cd 
      opendj; config/$ grep opendj.forgerock.com:5444 admin-backend.ldif
      uniqueMember: cn=opendj.forgerock.com:5444
      ds-sync-hist: uniqueMember:00000154c0397c26672100000004:add:cn=opendj.forgerock.com:5444
      dn: cn=opendj.forgerock.com:5444,cn=Servers,cn=admin data
      cn: opendj.forgerock.com:5444
      id: opendj.forgerock.com:5444
      
      opendj; config/$ pwd
      /opt/instances/replissue/master3/config
      opendj; config/$ grep opendj.forgerock.com:5444 admin-backend.ldif
      uniqueMember: cn=opendj.forgerock.com:5444
      ds-sync-hist: uniqueMember:00000154c0397c26672100000004:add:cn=opendj.forgerock.com:5444
      dn: cn=opendj.forgerock.com:5444,cn=Servers,cn=admin data
      cn: opendj.forgerock.com:5444
      id: opendj.forgerock.com:5444
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                lee.trujillo Lee Trujillo
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated: