In a book about OpenLDAP I have read how to replicate the cn=config data. But
the author describes the slapd.conf method. My OpenLDAP uses the database
backend, so I try to combine them, and most of it works fine:

dn: cn=config
changetype: modify
add: olcReferral
olcReferral: "ldap://ldap.example.de"

dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: syncprov

dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov

dn: olcOverlay=syncprov,olcDatabase={1}hdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov

dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcSyncrepl
olcSyncrepl: rid=002 provider=ldap://ldap.example.de
  type=refreshAndPersist retry="5 +" searchbase="cn=config"
  filter="(!(olcDatabase={0}config))" bindmethod=simple
  binddn="cn=admin,dc=example,dc=de" credentials=secret
-
add: olcUpdateRef
olcUpdateRef: ldap://ldap.example.de

dn: olcDatabase={1}hdb,cn=config
changetype: modify
add: olcSyncRepl
olcSyncRepl: rid=001 provider=ldap://ldap.example.de
  type=refreshAndPersist retry="5 +"
  searchbase="dc=example,dc=de" bindmethod=simple
  binddn="cn=admin,dc=example,dc=de" credentials=secret
-
add: olcUpdateRef
olcUpdateRef: ldap://ldap.example.de

On the client LDAP I
import the following LDIF:

dn: cn=config
#objectClass: olcGlobal
#cn: config
changetype: modify
add: olcReferral
olcreferral: ldap://ldap.example.de

dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcSyncRepl: rid=002 provider="ldap://ldap.example.de"
  binddn="cn=admin,dc=example,dc=de" bindmethod=simple
  credentials=secret searchbase="cn=config"
  filter="(!olcDatabase={0}config)" type=refreshAndPersist retry="10 +"
olcRootDN: cn=admin,dc=example,dc=de
olcUpdateRef: ldap://ldap.example.de

As a result the complete
LDAP will be replicated. But when I restart the slave LDAP server, the
following error comes up:

Starting OpenLDAP: slapd - failed.
The operation failed but no output was produced. For hints on what went
wrong please refer to the system's logfiles (e.g. /var/log/syslog) or
try running the daemon in Debug mode like via "slapd -d 16383" (warning:
this will create copious output).

Below, you can find the command line options used by this script to
run slapd. Do not forget to specify those options if you want to look
to debugging output:
  slapd -h 'ldap:/// ldapi:///' -g openldap -u openldap -F /etc/ldap/slapd.d/

And in syslog I find the following entries:

Nov 9 20:54:03 SMS002092 slapd[3376]: @(#) $OpenLDAP: slapd 2.4.21 (Jun 2 2011 19:36:19) $#012#011buildd@allspice:/build/buildd/openldap-2.4$
Nov 9 20:54:03 SMS002092 slapd[3376]: config error processing olcDatabase={2}config,cn=config:
Nov 9 20:54:03 SMS002092 slapd[3376]: slapd stopped.
Nov 9 20:54:03 SMS002092 slapd[3376]: connections_destroy: nothing to destroy.

I can understand this error: ALL data will be replicated, and on the slave
another config (olcDatabase={2}config) will be created. How can I avoid the
creation of the second, incomplete database?

Best regards
Michael
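
Added example (not part of the original post, and not code from the OpenLDAP project): a small Python check that unfolds the two rid=002 olcSyncrepl values quoted above, lists the parameters on which they differ, and flags simple binds over ldap:// without starttls, stored credentials, and a NOT filter that is not in the RFC 4515 form. The function names and finding labels are hypothetical; the sample input is constructed from the post.

```python
import re
import shlex

# Constructed input: the two rid=002 olcSyncrepl values quoted in the post,
# written as folded LDIF (continuation lines start with a space).
FIRST_LDIF = '''olcSyncrepl: rid=002 provider=ldap://ldap.example.de
  type=refreshAndPersist retry="5 +" searchbase="cn=config"
  filter="(!(olcDatabase={0}config))" bindmethod=simple
  binddn="cn=admin,dc=example,dc=de" credentials=secret'''
CLIENT_LDIF = '''olcSyncRepl: rid=002 provider="ldap://ldap.example.de"
  binddn="cn=admin,dc=example,dc=de" bindmethod=simple
  credentials=secret searchbase="cn=config"
  filter="(!olcDatabase={0}config)" type=refreshAndPersist retry="10 +"'''

def parse_syncrepl(ldif_attr):
    """Unfold one LDIF attribute and return its key=value parameters."""
    unfolded = ldif_attr.replace("\n ", "")   # RFC 2849: drop newline + 1 space
    value = unfolded.split(":", 1)[1]         # strip the attribute name
    return dict(tok.split("=", 1) for tok in shlex.split(value))

def diff_params(a, b):
    """Parameters whose values differ: {name: (value_in_a, value_in_b)}."""
    return {k: (a.get(k), b.get(k))
            for k in sorted(a.keys() | b.keys()) if a.get(k) != b.get(k)}

def findings(p):
    """Hardening and syntax observations for one parsed syncrepl value."""
    out = []
    if (p.get("bindmethod") == "simple" and "starttls" not in p
            and p.get("provider", "").startswith("ldap://")):
        out.append("cleartext-bind")      # bind password unencrypted on the wire
    if "credentials" in p:
        out.append("stored-password")     # kept in clear in the config entry
    if re.search(r"\(!\s*[^(\s]", p.get("filter", "")):
        out.append("filter-not-rfc4515")  # RFC 4515 form is (!(attr=value))
    return out

if __name__ == "__main__":
    first, client = parse_syncrepl(FIRST_LDIF), parse_syncrepl(CLIENT_LDIF)
    for name, (a, b) in diff_params(first, client).items():
        print(f"{name}: first={a!r} client={b!r}")
    print("first :", findings(first))
    print("client:", findings(client))
```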