The following guide has information on how to configure delta-sync replication with OpenLDAP, but has a few issues https://help.ubuntu.com/lts/serverguide/openldap-server.html
a) This modification is incorrect:
# syncrepl Provider for primary db
dn: olcOverlay=syncprov,olcDatabase={1}mdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov
olcSpNoPresent: TRUE
As noted in the slapo-syncprov(5) man page, setting NOPRESENT to TRUE is only valid on an accesslog databse NOT the primary database. The valid options for the primary database are the checkpoint and sessionlog options
b) The guide makes no mention of setting a proper sessionlog value for the syncprov overlay. This is critical for avoiding a known bug in sync replication (https://www.openldap.org/its/index.cgi/?findid=8125). It's generally mandatory that the sessionlog be no less than, and preferably larger, than the total number of entries in the primary database.
c) The guide uses the rootdn for the replication configuration. This is not the recommended way to set up replication in OpenLDAP and can cause issues. A replication specific DN that is NOT a rootdn should be used for replication instead.
Thanks!
Regards,
Quanah
Thanks for filing this. We are updating the server guide for the next LTS, and I linked this bug to that section.