[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Syncrep without sessionlog in slapd.conf



Hi,

Could you give an example, what to put on updatedn, binddn and credential. For example my name is register on this master ldap, could I use for both. Sorry to ask more since I'm very newbi on openldap.

below is my conf

rootdn          "cn=master,o=mydomain.com"
rootpw          *****
index           objectClass     eq
index           cn,sn,uid       pres,eq,sub
directory       /home/firman/temp/data/


syncrepl rid=0 provider=ldap://**** bindmethod=simple searchbase="o=mydomain.com" filter="(objectClass=*)" schemachecking=on scope=sub type=refreshOnly interval=00:00:00:10 binddn="uid=firman,ou=area,o=mydomain.com" updatedn="uid=firman,ou=area,o=mydomain.com" credentials=**** attrs="*"


but when I run it there is

ldap_msgfree
=> bdb_entry_get: ndn: "cn=syncrepl0,o=mydomain.com"
=> bdb_entry_get: oc: "(null)", at: "syncreplCookie"
bdb_dn2entry("cn=syncrepl0,o=mydomain.com")
=> bdb_dn2id( "o=mydomain.com" )
<= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30990)
=> bdb_entry_get: cannot find entry: "cn=syncrepl0,o=mydomain.com"
ldap_search_ext


Hope this help.

Thank You,

Lee Jensen wrote:

On Wed, 2005-03-16 at 15:31 +0700, Firman Indra Buana wrote:


Hi,

Sorry for the ambiguity, the case is I want to synrepl other master ldap. There is master ldap with openldap, the resource is close for me unless for query. So I've an idea to syncrepl but how to do it without doing any change in configuration of master ldap. So only write to my database not to the master. Hope there is a answer for this.



I think I understand what you are asking. Let me make sure...

You want to be able to do replication without modifying the
configuration of the master whatsoever... Correct??

First, this is possible.

However for syncrepl replication you need 2 user DNs one in the slave
and one in the master. The master dn you use must be able to read
everything in the tree. The manager DN can do this by default but I
would not recommend using it unless you have to because it requires you
to place the managers password into the slave configuration file.

The DN in the slave just needs to exist, it can be any class of object,
whatever you choose, but it must be given access through ACLs to write
to the entire tree.

Hope this clarifies...

Lee Jensen