[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Proxying data for syncrepl


Maybe I didn't pose the question very well.
My Proxy Server is configured as a Syncrepl provider. The only difference to a "standard" Syncrepl Configuration is that the data isn't held local on the provider in a database but in a "database ldap".
And this configuration does work.

That means:
Syncrepl should take place between my consumer and the provider (which is itself configured as a proxy). The ldap-server which is working as the database backend of my proxy shouldn't need to understand anything about syncrepl. Correct? If yes - why does an OpenLDAP running as backend work but another ldap server (domino) doesn't?

I've included the 3 relevant slapd.conf files.I would really appreciate some additional input. It's frustrating because it does work...
as long as vm04 is an openldap server and not domino. But from everything I've read, and from my tests, I don't understand why it matters what is behind vm04? It's just an ldap server.

Thank you very much for your support.
Kind Regards
Bonnie

####################################
Consumer Configuration (vm01.indaal.de)
####################################
database        bdb
suffix          "o=four"
rootdn          "cn=Manager,o=one"
directory       /var/lib/ldap/four
lastmod         on
index           default pres,eq
index           entryCSN pres,eq
syncrepl        rid=001
        provider=ldap://vm03.indaal.de/
        type=refreshAndPersist
        interval=00:00:01:00
        retry="5 5 300 +"
        searchbase="o=four"
        schemachecking=off
        bindmethod=simple
        binddn="cn=Manager,o=four"
        credentials=secret

###################################################
Syncrepl Provider Configuration (vm03.indaal.de / the proxy)
###################################################
database        ldap
suffix          "o=four"
rootdn          "cn=Manager,o=three"
uri             ldap://vm04.indaal.de/
acl-bind        binddn="cn=Manager,o=four" bindmethod=simple credentials=secret
lastmod         on
overlay syncprov

######################################
Standard Directory Server (vm04.indaal.de)
######################################
database        bdb
suffix          "o=four"
checkpoint      1024    5
cachesize       10000
rootdn          "cn=Manager,o=four"
rootpw          secret
directory       /var/lib/ldap
index   objectClass                     eq,pres
index   ou,cn,mail,sn                   eq,pres,sub
index   uidNumber                       eq,pres
index   entryUUID,entryCSN              eq


Bonnie Oostenbrug

Indaal Information Management GmbH
Königstrasse 257
D-47798 Krefeld
Tel: + 49 (0)2151 - 60748 16
Fax: +49 (0)2151 - 60748 10

bonnie.oostenbrug@indaal.de
http://www.indaal.de


Gavin Henry <ghenry@suretecsystems.com>
Sent by: openldap-technical-bounces+bonnie.oostenbrug=indaal.de@OpenLDAP.org

18.08.2008 16:15

To
Bonnie Oostenbrug <Bonnie.Oostenbrug@indaal.de>
cc
openldap-technical@openldap.org
Subject
Re: Proxying data for syncrepl






----- "Bonnie Oostenbrug" <Bonnie.Oostenbrug@indaal.de> wrote:

> Hi,
>
> I am trying to set up the following configuration. Unfortunately,
> without much luck so far.
>
> 1. A Directory Server capable of LDAP e.g. LotusDomino, OpenLDAP, AD,
> etc....
> (This Server isn't/can't be specially configured for replication. I
> can only ensure that the schema is correct. That is the whole point of
> my undertaking - because Lotus Domino/AD support it.

They support their own kind of replication, which is normally already configured,
hence why it appears you don't need to enable anything.

> 2. OpenLDAP configured as Proxy with a database of type LDAP with
> overlay syncprov configured and a uri that points to my Directory
> Server

This won't work. Read more about how Syncrepl works at:

http://www.openldap.org/doc/admin24/replication.html#LDAP%20Sync%20Replication

You can only use Syncrepl against a Syncrepl provider.

> 3. A Consumer with a database of type BDB configured for syncrepl with
> my proxy as provider
>
> The whole idea is to be able to use this setup to incorporate
> information from diverse legacy directory servers and get it into a
> manageable standard OpenLDAP Directory. Without exports etc. I need to
> have the data replicated down local to my consumer due to Network
> restrictions.
> I want to be able to point my Proxy at 3 different Directory Servers
> and replicate this content down to a single consumer.
>
> If I set up the configuration using an OpenLDAP Server as my Directory
> Server it works. (more or less*)
> But when I change the proxy to point to e.g. Lotus Domino as my
> Directory Server I get the error "got empty SyncUUID with
> LDAP_SYNC_ADD" and the content doesn't replicate down from the
> Directory Server. Although I see activity on my proxy - he queries my
> Directory Server.
>
> Did I bite off to much for a newbie or am I missing something
> obvious??
>
> Thanks for ideas in which direction I need to be looking!
> Bonnie

Also search the mailing list archives for numerous discussion of Active Directory
replication with OpenLDAP.

Thanks,

Gavin.

--
Kind Regards,

Gavin Henry.

T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghenry@suretecsystems.com

Open Source. Open Solutions(tm).

http://www.suretecsystems.com/