Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-7014

Some operational attributes are not replicated when a restore --dry-run is used against an online server

    Details

    • Type: Bug
    • Status: Done
    • Priority: Major
    • Resolution: Won't Fix
    • Affects Version/s: 6.5.2, 6.5.1, 6.5.0, 6.0.0, 5.5.2, 5.5.1, 5.5.0, 4.0.0, 6.5.3, 7.0.0
    • Fix Version/s: Not applicable, 6.5.4
    • Component/s: replication, tools
    • Labels:

      Description

      When a "restore --dry-run " command is issued to an online server taking writes, replication is paused and the following metadata is not replicated once the restore completes and replication fires:

      • createTimeStamp
      • creatorsName
      • pwdChangedTime
      ./ldapsearch --bindDN "cn=Directory Manager" --bindPasswordFile passwordfile --port 1636 --useSsl --trustAll --hostname opendj.forgerock.com --baseDN dc=example,dc=com "(uid=user.100000067
      1)" +
      
      dn: uid=user.1000000671,ou=People,dc=example,dc=com
      createTimestamp: 20200316175619Z
      pwdChangedTime: 20200316175619.804Z
      creatorsName: cn=Directory Manager,cn=Root DNs,cn=config
      ds-sync-hist: dn:00000170e47d44dc4c6b0000006a:add
      entryUUID: 73e66979-4bda-4ebc-aa4a-11314df0c3a3
      pwdPolicySubentry: cn=Default Password Policy,cn=Password Policies,cn=config
      subschemaSubentry: cn=schema
      hasSubordinates: false
      numSubordinates: 0
      etag: 00000000162c0d4a
      structuralObjectClass: inetOrgPerson
      entryDN: uid=user.1000000671,ou=People,dc=example,dc=com
      
      ./ldapsearch --bindDN "cn=Directory Manager" --bindPasswordFile passwordfile --port 2636 --useSsl --trustAll --hostname opendj.forgerock.com --baseDN dc=example,dc=com "(uid=user.1000000671)" +
      dn: uid=user.1000000671,ou=People,dc=example,dc=com
      ds-sync-hist: dn:00000170e47d44dc4c6b0000006a:add
      entryUUID: 73e66979-4bda-4ebc-aa4a-11314df0c3a3
      pwdPolicySubentry: cn=Default Password Policy,cn=Password Policies,cn=config
      subschemaSubentry: cn=schema
      hasSubordinates: false
      numSubordinates: 0
      etag: 000000009babe646
      structuralObjectClass: inetOrgPerson
      entryDN: uid=user.1000000671,ou=People,dc=example,dc=com
      
      ./ldapsearch --bindDN "cn=Directory Manager" --bindPasswordFile passwordfile --port 3636 --useSsl --trustAll --hostname opendj.forgerock.com --baseDN dc=example,dc=com "(uid=user.1000000671)" +
      dn: uid=user.1000000671,ou=People,dc=example,dc=com
      ds-sync-hist: dn:00000170e47d44dc4c6b0000006a:add
      entryUUID: 73e66979-4bda-4ebc-aa4a-11314df0c3a3
      pwdPolicySubentry: cn=Default Password Policy,cn=Password Policies,cn=config
      subschemaSubentry: cn=schema
      hasSubordinates: false
      numSubordinates: 0
      etag: 000000009babe646
      structuralObjectClass: inetOrgPerson
      entryDN: uid=user.1000000671,ou=People,dc=example,dc=com

      Test case:

      1. Create a DS+RS topology with 2 or more replicas containing 10 million entries or more.; you need enough entries to allow the restore --dry-run to take some time while new entries are added to the same server.
      2. Complete a full backup of the main backend.
      3. Run the following online restore --dry-run command and before this completes, ADD an entry to the same server the restore is issued to.
      4. Check the metadata on the local and remote replicas for the entry previously added.

       

      ./restore --dry-run --hostname localhost --port 4444 --bindDN "cn=Directory Manager" --bindPasswordFile passwordfile --trustAll --backupDirectory /opt/instances/backups --backupID 20200316160637Z

       

      Setup commands:

      Master 1

      ./setup ./setup directory-server --baseDN dc=example,dc=com --sampleData 10000000 --ldapPort 1389 --adminConnectorPort 4444 --rootUserDN cn=Directory Manager --rootUserPassword LBN3FLPj1 --enableStartTLS --ldapsPort 1636 --hostName opendj1.example.com --quiet --acceptLicense
      

      Masters 2 & 3

      ./setup ./setup directory-server --baseDN dc=example,dc=com --addBaseEntry --ldapPort 2389 --adminConnectorPort 5444 --rootUserDN cn=Directory Manager --rootUserPassword LBN3FLPj1 --enableStartTLS --ldapsPort 2636 --hostName opendj2.example.com --quiet --acceptLicense
      

      Workarounds

      • Take a server offline to perform a restore --dry-run.
      • If you must perform a restore --dry-run against an online server, then that server should not take local writes during the restore --dry-run.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                JnRouvignac Jean-Noël Rouvignac
                Reporter:
                lee.trujillo Lee Trujillo
                Dev Assignee:
                Ludovic Poitou
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: