Re: help with setting up replication
- To: openldap-technical@openldap.org
- Subject: Re: help with setting up replication
- From: Christopher Wood <christopher_wood@pobox.com>
- Date: Wed, 29 Aug 2012 12:24:19 -0400
- In-reply-to: <CABnDqAQDWJHu-vwxH7D0A4czjPcTzhRn93hc_iap8QyfgGYGgA@mail.gmail.com>
- References: <CABnDqAQDWJHu-vwxH7D0A4czjPcTzhRn93hc_iap8QyfgGYGgA@mail.gmail.com>
- User-agent: Mutt/1.5.20 (2009-06-14)
Without digging into your particular issue, I used this guide and was able to configure replication:
http://www.openldap.org/doc/admin24/
This is most specifically for you right now:
http://www.openldap.org/doc/admin24/replication.html
On Wed, Aug 29, 2012 at 11:32:14AM -0400, Jeff Dickens wrote:
> I've been following this page from the Ubuntu Server Guide with generally
> good results:
> [1]https://help.ubuntu.com/12.04/serverguide/openldap-server.html
> Now I'm down to the replication section, at
> [2]https://help.ubuntu.com/12.04/serverguide/openldap-server.html#openldap-server-replication.
> So far it isn't working. First things first:
> I create the following ldif file to configure the sync provider:
>
> # Add indexes to the frontend db.
> dn: olcDatabase={1}hdb,cn=config
> changetype: modify
> add: olcDbIndex
> olcDbIndex: entryCSN eq
> -
> add: olcDbIndex
> olcDbIndex: entryUUID eq
>
> #Load the syncprov and accesslog modules.
> dn: cn=module{0},cn=config
> changetype: modify
> add: olcModuleLoad
> olcModuleLoad: syncprov
> -
> add: olcModuleLoad
> olcModuleLoad: accesslog
>
> # Accesslog database definitions
> dn: olcDatabase={2}hdb,cn=config
> objectClass: olcDatabaseConfig
> objectClass: olcHdbConfig
> olcDatabase: {2}hdb
> olcDbDirectory: /var/lib/ldap/accesslog
> olcSuffix: cn=accesslog
> olcRootDN: cn=admin,dc=intranet,dc=seamanpaper,dc=com
> olcDbIndex: default eq
> olcDbIndex: entryCSN,objectClass,reqEnd,reqResult,reqStart
>
> # Accesslog db syncprov.
> dn: olcOverlay=syncprov,olcDatabase={2}hdb,cn=config
> changetype: add
> objectClass: olcOverlayConfig
> objectClass: olcSyncProvConfig
> olcOverlay: syncprov
> olcSpNoPresent: TRUE
> olcSpReloadHint: TRUE
>
> # syncrepl Provider for primary db
> dn: olcOverlay=syncprov,olcDatabase={1}hdb,cn=config
> changetype: add
> objectClass: olcOverlayConfig
> objectClass: olcSyncProvConfig
> olcOverlay: syncprov
> olcSpNoPresent: TRUE
>
> # accesslog overlay definitions for primary db
> dn: olcOverlay=accesslog,olcDatabase={1}hdb,cn=config
> objectClass: olcOverlayConfig
> objectClass: olcAccessLogConfig
> olcOverlay: accesslog
> olcAccessLogDB: cn=accesslog
> olcAccessLogOps: writes
> olcAccessLogSuccess: TRUE
> # scan the accesslog DB every day, and purge entries older than 7 days
> olcAccessLogPurge: 07+00:00 01+00:00
>
> The guide says you can test the provider with this command:
>
> root@grackle:~# ldapsearch -z1 -LLLQY EXTERNAL -H ldapi:/// -s base contextCSN
> dn:
> root@grackle:~#
>
> but as you see that doesn't return anything. However, this command does
> find it:
>
> root@grackle:~# slapcat | grep -C 10 contextCSN
> objectClass: organization
> o: [3]intranet.seamanpaper.com
> dc: intranet
> structuralObjectClass: organization
> entryUUID: 99e43416-73a1-1031-9d82-4f560555aca0
> creatorsName: cn=admin,dc=intranet,dc=seamanpaper,dc=com
> createTimestamp: 20120805233244Z
> entryCSN: 20120805233244.262007Z#000000#000#000000
> modifiersName: cn=admin,dc=intranet,dc=seamanpaper,dc=com
> modifyTimestamp: 20120805233244Z
> contextCSN: 20120829024252.920832Z#000000#000#000000
> dn: cn=admin,dc=intranet,dc=seamanpaper,dc=com
> objectClass: simpleSecurityObject
> objectClass: organizationalRole
> cn: admin
> description: LDAP administrator
> userPassword:: e1NTSEF9Nm9zUVlmUStzd1RCOVJCQXUyL3NhQURpYTZ1R0NuRC8=
> structuralObjectClass: organizationalRole
> entryUUID: 99e4f9fa-73a1-1031-9d83-4f560555aca0
> creatorsName: cn=admin,dc=intranet,dc=seamanpaper,dc=com
> root@grackle:~#
>
> Before I go on to figure out why the sync isn't working, why isn't the
> ldapsearch command above returning anything?
> Thanks in advance for your help.
> --
> Jeff Dickens
> IT Manager 978-632-1513
>
> References
>
> Visible links
> 1. https://help.ubuntu.com/12.04/serverguide/openldap-server.html
> 2. https://help.ubuntu.com/12.04/serverguide/openldap-server.html#openldap-server-replication
> 3. http://intranet.seamanpaper.com/
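
Added example, not part of the original thread or of the OpenLDAP or Ubuntu documentation: a bare `dn:` with no attributes, as in the quoted ldapsearch output, is the root DSE, which a base-scope search returns when no search base is in effect, while the slapcat output shows contextCSN stored on the suffix entry. The script below classifies that output and compares provider and consumer contextCSN values. The function names and sample outputs are constructed for illustration; the suffix and CSN strings are taken from the quoted post.

```shell
#!/bin/sh
# Query one server. The -b search base selects the suffix entry that holds
# contextCSN. SASL EXTERNAL over ldapi:/// is local only; for a remote
# consumer substitute the bind options your deployment uses.
query_csn() {   # usage: query_csn <ldap-uri> <suffix>
    ldapsearch -LLL -Q -Y EXTERNAL -H "$1" -s base -b "$2" contextCSN
}

# Print the contextCSN values found in LDIF on stdin, sorted.
extract_csn() {
    awk '/^contextCSN: / { print $2 }' | sort
}

# Classify LDIF on stdin:
#   csn      at least one contextCSN value was returned
#   rootdse  an entry with an empty DN and no contextCSN (no search base)
#   empty    nothing usable was returned
diagnose() {
    awk '/^dn:[ \t]*$/   { root = 1 }
         /^contextCSN: / { csn = 1 }
         END { print (csn ? "csn" : (root ? "rootdse" : "empty")) }'
}

# Succeed only when the consumer holds exactly the provider's contextCSN
# values and the provider actually returned some.
in_sync() {     # usage: in_sync <provider-ldif> <consumer-ldif>
    p=$(printf '%s\n' "$1" | extract_csn)
    c=$(printf '%s\n' "$2" | extract_csn)
    [ -n "$p" ] && [ "$p" = "$c" ]
}

# Constructed sample outputs (no server is contacted).
NO_BASE='dn:'
PROVIDER='dn: dc=intranet,dc=seamanpaper,dc=com
contextCSN: 20120829024252.920832Z#000000#000#000000'
CONSUMER_STALE='dn: dc=intranet,dc=seamanpaper,dc=com
contextCSN: 20120805233244.262007Z#000000#000#000000'

printf '%s\n' "$NO_BASE"  | diagnose
printf '%s\n' "$PROVIDER" | diagnose
if in_sync "$PROVIDER" "$CONSUMER_STALE"; then
    echo "consumer in sync"
else
    echo "consumer lagging"
fi
```

Against live servers, capture `query_csn ldapi:/// dc=intranet,dc=seamanpaper,dc=com` on the provider and the equivalent query on the consumer, then pass both outputs to `in_sync`.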