replication - don't understand
Hello openldap-software,
How can I configure two OpenLDAP servers to act as in the "3.3.
Replicated Directory Service" part of the administrator's guide?
For now I have two servers, master and slave. If I change something
on the master server, slurpd tells the slave the changes, but I can't
understand how I can make referrals work. When I change
something on the slave, there is nothing in the logs that says anything about
referrals:
slave logs:
May 27 17:47:22 icarus slapd[83587]: conn=0 op=4 MOD dn="uid=test99, ou=users, o=Start,c=RU"
May 27 17:47:22 icarus slapd[83587]: conn=0 op=4 RESULT tag=103 err=0 text=
May 27 17:47:22 icarus slapd[83587]: conn=0 op=5 SRCH base="uid=test99, ou=users, o=Start,c=RU" scope=0 filter="(objectClass=*)"
May 27 17:47:22 icarus slapd[83587]: conn=0 op=5 SEARCH RESULT tag=101 err=0 text=
May 27 17:47:42 icarus slapd[83587]: conn=0 op=6 MOD dn="uid=test99, ou=users, o=Start,c=RU"
May 27 17:47:42 icarus slapd[83587]: conn=0 op=6 RESULT tag=103 err=0 text=
May 27 17:47:42 icarus slapd[83587]: conn=0 op=7 SRCH base="uid=test99, ou=users, o=Start,c=RU" scope=0 filter="(objectClass=*)"
May 27 17:47:42 icarus slapd[83587]: conn=0 op=7 SEARCH RESULT tag=101 err=0 text=
master logs: nothing
Master server configuration:
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/misc.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/corba.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/RADIUS-LDAPv3.schema
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
access to dn=".*,ou=users,o=Start,c=RU" attr=userPassword
    by dn="cn=root,o=Start,c=RU" write
    by dn="cn=admin,o=Start,c=RU" read
    by self write
    by * auth
access to dn=".*,ou=users,o=Start,c=RU"
    by * read
access to dn="cn=radprofile,o=Start,c=RU"
    by dn="cn=admin,o=Start,c=RU" read
    by * auth
access to dn=".*,o=Start,c=RU"
    by dn="cn=replica,o=Start,c=RU" write
    by * auth
access to dn="cn=root,o=Start,c=RU"
    by self write
    by * auth
access to dn="cn=dialup-group,o=Start,c=RU"
    by dn="cn=admin,o=Start,c=RU" read
    by * auth
access to dn=".*,o=Start,c=RU"
    by * read
database ldbm
password-hash {MD5}
suffix "o=Start,c=RU"
rootdn "cn=root,o=Start,c=RU"
rootpw somesecret
directory /var/db/openldap-ldbm
index objectClass eq
replogfile /var/log/slapd.replog
replica host=slave.domain.ru:389
    binddn="cn=replica,o=Start,c=RU"
    bindmethod=simple credentials=secret
Slave server configuration:
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/misc.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/corba.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/RADIUS-LDAPv3.schema
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
access to dn=".*,ou=users,o=Start,c=RU" attr=userPassword
    by dn="cn=root,o=Start,c=RU" write
    by dn="cn=admin,o=Start,c=RU" read
    by self write
    by * auth
access to dn=".*,ou=users,o=Start,c=RU"
    by * read
access to dn="cn=radprofile,o=Start,c=RU"
    by dn="cn=admin,o=Start,c=RU" read
    by * auth
access to dn="cn=root,o=Start,c=RU"
    by self write
    by * auth
access to dn="cn=dialup-group,o=Start,c=RU"
    by dn="cn=admin,o=Start,c=RU" read
    by * auth
access to dn=".*,o=Start,c=RU"
    by * read
database ldbm
password-hash {MD5}
suffix "o=Start,c=RU"
rootdn "cn=replica,o=Start,c=RU"
rootpw secret
directory /var/db/openldap-ldbm/
index objectClass eq
updatedn "cn=replica,o=Start,c=RU"
updateref ldap://master.domain.ru:389
--
Best regards,
Alexander mailto:lan_mailing@startatom.ru
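
A check for slave logs like the ones quoted in the message above, added here as an example and not part of the original post: it pairs each write request with its RESULT line and reports whether the slave answered with a referral (LDAP result code 10) or applied the write itself (err=0). The function name, the status labels and the last two sample log lines are assumptions made for the example.

```python
import re

# First four lines are quoted from the slave log in the message above;
# the last two (conn=1, err=10) are constructed to show a referred write.
SAMPLE_LOG = '''\
May 27 17:47:22 icarus slapd[83587]: conn=0 op=4 MOD dn="uid=test99, ou=users, o=Start,c=RU"
May 27 17:47:22 icarus slapd[83587]: conn=0 op=4 RESULT tag=103 err=0 text=
May 27 17:47:22 icarus slapd[83587]: conn=0 op=5 SRCH base="uid=test99, ou=users, o=Start,c=RU" scope=0 filter="(objectClass=*)"
May 27 17:47:22 icarus slapd[83587]: conn=0 op=5 SEARCH RESULT tag=101 err=0 text=
May 27 17:48:01 icarus slapd[83587]: conn=1 op=2 MOD dn="uid=test42, ou=users, o=Start,c=RU"
May 27 17:48:01 icarus slapd[83587]: conn=1 op=2 RESULT tag=103 err=10 text=
'''

LDAP_REFERRAL = 10  # LDAP result code "referral"

# MOD is the verb seen in the quoted log; ADD/DEL/MODRDN are assumed to be
# logged in the same 'conn=N op=N VERB dn="..."' shape.
WRITE_RE = re.compile(r'conn=(\d+) op=(\d+) (MOD|ADD|DEL|MODRDN) dn="([^"]*)"')
RESULT_RE = re.compile(r'conn=(\d+) op=(\d+) RESULT tag=\d+ err=(\d+)')


def classify_writes(log_text):
    """Pair each write request with its RESULT line and label the outcome."""
    pending = {}   # (conn, op) -> (verb, dn) awaiting a RESULT
    findings = []
    for line in log_text.splitlines():
        w = WRITE_RE.search(line)
        if w:
            pending[(w.group(1), w.group(2))] = (w.group(3), w.group(4))
            continue
        r = RESULT_RE.search(line)
        if not r or (r.group(1), r.group(2)) not in pending:
            continue  # search results, or a RESULT with no write before it
        verb, dn = pending.pop((r.group(1), r.group(2)))
        err = int(r.group(3))
        if err == LDAP_REFERRAL:
            status = "referred"
        elif err == 0:
            status = "applied-locally"   # the write landed on this server only
        else:
            status = "failed"
        findings.append((int(r.group(1)), int(r.group(2)), verb, dn, status))
    return findings


if __name__ == "__main__":
    for conn, op, verb, dn, status in classify_writes(SAMPLE_LOG):
        print(f"conn={conn} op={op} {verb} {dn!r}: {status}")
```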