[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: replication from child to Parent domain
Hi,
On 18/08/2010 08:48, owen nirvana wrote:
parent is customer
"""
suffix "dc=SCNCA,dc=ROOTCA"
rootdn "cn=admin,dc=SCNCA,dc=ROOTCA"
rootpw secret
checkpoint 512 30
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
ServerID 000
syncrepl rid=001
provider=ldap://${SON_LDAP_ADDRESS}:${SON_LDAP_PORT}
type=refreshOnly
# five minutes, you should do syncrepl once a day in practice
interval=00:01:00:00
searchbase="${SON_BASE}"
filter="(objectClass=*)"
scope=sub
schemachecking=off
bindmethod=simple
binddn="${SON_ADMIN}"
credentials=${SON_PASSWD}
retry="5 5 300 +"
mirrormode on
"""
son is provider
"""
suffix "dc=sonCA,dc=SCNCA,dc=ROOTCA"
rootdn "cn=admin,dc=sonCA,dc=SCNCA,dc=ROOTCA"
rootpw secret
checkpoint 512 30
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
ServerID 001
"""
Syncrepl does support replicating partial trees.
I think your above configuration could work, but it will be
misinterpreted as is: the comment in the middle is going to "comment
out" all other components.
The syntax with new lines beginning with a space is just to ease
configuration. Upon reading, all lines will be folded into one, like:
syncrepl rid=001 provider=ldap://${SON_LDAP_ADDRESS}:${SON_LDAP_PORT} type=refreshOnly # five minutes, you should do syncrepl once a day in practice interval=00:01:00:00 etc
As you can see, all params after the comment will be ignored.
Jonathan
--
--------------------------------------------------------------
Jonathan Clarke - jonathan@phillipoux.net
--------------------------------------------------------------
Ldap Synchronization Connector (LSC) - http://lsc-project.org
--------------------------------------------------------------