[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Syncrepl filtering
It seems we don't have much input on syncrepl filtering, but I found
this thread, and it might serve as a starting point for testing:
http://www.openldap.org/lists/openldap-technical/200906/msg00311.html
Here is the working setup on the syncrepl consumer:
syncrepl rid=123
provider=ldap://rh-test3.kvm.rla:389
type=refreshOnly
interval=00:00:01:00
retry="30 10 600 20"
searchbase="dc=local"
filter="(|(objectClass=sambaGroupMapping)(uid=user1))"
scope=sub
schemachecking=off
bindmethod=simple
binddn="uid=syncrepl,ou=sysusers,dc=local"
credentials=pwdsyncrepl
# BEGIN Session TLS
starttls="critical"
tls_cacert=__CACERTFILE__
# End Session TLS
Obviously the binddn should have (just read ?) access to the part of the
DIT being replicated.
In that thread, the user is using syncrepl type=refreshOnly with a
filter on Openldap 2.3.
From an older thread (on openldap v2.3.11):
http://www.openldap.org/lists/openldap-bugs/200512/msg00014.html, you
can see another working setup. The user mentions some problems with type
= refreshAndPersist replication but these are reported as corrected in
subsequent openldap versions.
Nick