Jawed,
A small crash course on replication with LDAP.
The replogfile directive tells "slapd" where to write replication info when replicated data is changed.
"slurpd" polls this file (in your case /var/log/slurpd.log) and when there are changes to this file, slurpd writes the changes to the slave LDAP directory.
I strongly suggest that you use separate accounts for masters and slaves. I use "person" objects for my accounts.
IN THE MASTERSLAPD.conf
Give the person object access to the root, e.g.
access to *
    by dn="cn=yourMaster,dc=dn of Wherever the account is" write
    by * read
Then you'll have the replica host as you do below:
IN your database definition:
Database bdb
Suffix "whatever suffix"
replogfile /var/log/slurpd.log
replica host=pcNavYkfSupp1.navtechinc.com:389
    binddn="cn=yourMaster,dc=dn of Wherever the account is"
    bindmethod=simple
    credentials=secret
You shouldn't need apostrophes (') on the password.
In your slave slapdSlave.conf you only need the updateref and updatedn directives and the access directive I wrote above.
e.g.
access to *
    by dn="cn=yourMaster,dc=dn of Wherever the account is" write
    by * read
IN your database definition:
Database bdb
Suffix "whatever suffix (same as master)"
updatedn "cn=yourMaster,dc=dn of Wherever the account is"
updateref "ldap://pcNavYkfSupp2.navtechinc.com"
THAT is pretty much all there is to Master/Slave replication...
Do that, and you'll be laughing, mate.
Jason.
Perth WA, Australia.
Hello
I am trying to set up replication stuff, and yes, I admit I really don't understand replication well, so please help me out.
Here is my setup:
Master slapd.conf
replogfile /var/log/slurpd.log
syslog-level 4
replica host=pcNavYkfSupp1.navtechinc.com:389
    binddn=Manager,dc=navtechinc,dc=com
    bindmethod=simple credentials='secret'
#    tls=yes
Slave ldap
# Replicas to which we should propagate changes
#replica host=ldap-1.example.com:389 tls=yes
# bindmethod=sasl saslmech=GSSAPI
# authcId=host/ldap-master.example.com@EXAMPLE.COM
updatedn "cn=Manager,dc=navtechinc,dc=com"
updateref "ldap://pcNavYkfSupp2.navtechinc.com"
I put binddn and updatedn as Manager as I was not sure if I really need another dn in the ldap database to auth.
Strange thing: slurpd is not creating any log info in the log file I told it to in slapd.conf.
It created the /var/lib/ldap/replic dir and there are 2 files: one is a status file, the other is a lock file.
I can only run it as root as
usage: slurpd [-d debug-level] [-s syslog-level]
[-f slapd-config-file] [-r replication-log-file]
[-t tmp-dir] [-o]
All those files and the replic dir are owned by root.
On the slave I don't even see slurpd connecting to ldap on the slave.
Please give me some hint
Thanks
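
An added example, not part of either message above: a small Python check over a master/slave slapd.conf pair that flags the points this thread turns on, namely a replica binddn that does not match the slave's updatedn, a simple bind without tls=yes (the password crosses the network in cleartext), and replicating as the rootdn instead of a separate account. The example.com hosts, the finding codes and the function names are constructed for illustration; DN comparison and comment handling are simplified.

```python
import shlex

def directives(text):
    """Tokenize slapd.conf text; a line starting with whitespace continues the previous one."""
    joined = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue  # simplification: any line whose first visible char is '#' is skipped
        if raw[0].isspace() and joined:
            joined[-1] += " " + raw.strip()
        else:
            joined.append(raw.strip())
    return [shlex.split(line) for line in joined]

def norm(dn):
    # Case- and space-insensitive comparison key (escaped commas are not handled).
    return ",".join(part.strip().lower() for part in dn.split(","))

def values(conf, name):
    return [norm(d[1]) for d in directives(conf) if d[0].lower() == name and len(d) > 1]

def audit(master_conf, slave_conf):
    """Return (replica host, finding code) pairs for the master's replica stanzas."""
    findings = []
    updatedns = values(slave_conf, "updatedn")
    rootdns = values(master_conf, "rootdn") + values(slave_conf, "rootdn")
    for d in directives(master_conf):
        if d[0].lower() != "replica":
            continue
        p = {k.lower(): v for k, v in (t.split("=", 1) for t in d[1:] if "=" in t)}
        host, binddn = p.get("host", "?"), norm(p.get("binddn", ""))
        if p.get("bindmethod", "").lower() == "simple" and p.get("tls", "").lower() != "yes":
            findings.append((host, "cleartext-simple-bind"))
        if binddn not in updatedns:
            findings.append((host, "binddn-updatedn-mismatch"))
        if binddn in rootdns:
            findings.append((host, "replicates-as-rootdn"))
    return findings

# Constructed sample configs (example.com names are placeholders, not from the thread).
MASTER = """rootdn "cn=Manager,dc=example,dc=com"
replica host=replica1.example.com:389
    binddn=Manager,dc=example,dc=com
    bindmethod=simple credentials='secret'
"""
SLAVE = """updatedn "cn=Manager,dc=example,dc=com"
updateref "ldap://master.example.com"
"""
print(audit(MASTER, SLAVE))
```
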