
Re: OpenLDAP replication



--On Tuesday, December 09, 2008 4:45 PM -0500 Justin Lintz <jlintz@gmail.com> wrote:

Hi,

I am currently working on trying to configure replication between 2
ldap servers.  Here is my current setup....


slapd.conf on ldap02 is:

directory       /var/lib/ldap2.4
checkpoint 256 5
index   objectClass                                             eq
index   cn,mail,surname,givenname                               eq,subinitial
index   uidNumber,gidNumber,memberuid,member,uniqueMember       eq
index   uid                                                     eq,subinitial
index   sambaSID,sambaDomainName,displayName                    eq
referral ldaps://ldap01/
syncrepl rid=123
  provider=ldaps://ldap01/
  type=refreshAndPersist
  searchbase="dc=example,dc=net"
  scope=sub
  schemachecking=off
  bindmethod=simple
  binddn="cn=manager,dc=example,dc=net"
  attrs="*"
  credentials=

You should specify an attrs= line unless you know what you're doing. You should just leave it empty and accept the default (which is "*,+" btw). Right now you are excluding all the operational attrs, so it loses its ability to track where it is at replication wise. If you can identify where you got the idea to use that line, that'd be great so we can kill it, unless of course it came from offsite documentation.


--Quanah

--

Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration
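
A configuration check for the point raised in the reply, as an added example that is not part of the original thread or of OpenLDAP: it joins slapd.conf continuation lines, extracts each syncrepl stanza, and reports whether its attrs list still requests operational attributes ("+"). The function names and the second sample stanza (rid=124) are constructed for illustration.

```python
import shlex

# Constructed sample: the consumer stanza from the post, then one with attrs omitted.
SAMPLE = '''\
directory /var/lib/ldap2.4
syncrepl rid=123
  provider=ldaps://ldap01/
  type=refreshAndPersist
  searchbase="dc=example,dc=net"
  attrs="*"
syncrepl rid=124
  provider=ldaps://ldap01/
  searchbase="dc=example,dc=net"
'''

def directives(text):
    """Join continuation lines (leading whitespace) into whole directives."""
    out = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue  # simplified: skip blank lines and column-0 comments
        if line[0].isspace() and out:
            out[-1] += " " + line.strip()
        else:
            out.append(line.strip())
    return out

def syncrepl_stanzas(text):
    """Return one dict of key=value parameters per syncrepl directive."""
    stanzas = []
    for d in directives(text):
        words = shlex.split(d)  # strips the quotes around values
        if words and words[0].lower() == "syncrepl":
            stanzas.append(dict(w.split("=", 1) for w in words[1:] if "=" in w))
    return stanzas

def requests_all_operational(stanza):
    """No attrs means the default "*,+"; an explicit list must contain "+"."""
    if "attrs" not in stanza:
        return True
    return "+" in [a.strip() for a in stanza["attrs"].split(",")]

def audit(text):
    """List (rid, ok) pairs; ok is False when operational attrs are excluded."""
    return [(s.get("rid"), requests_all_operational(s)) for s in syncrepl_stanzas(text)]

if __name__ == "__main__":
    for rid, ok in audit(SAMPLE):
        print(f"rid={rid}: {'ok' if ok else 'attrs omits +, operational attrs excluded'}")
```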