OpenLDAP replication configuration
IP Info:
master:192.168.7.178
slave:192.168.7.179
Install:
1. On both master and slave:
yum install -y openldap-clients openldap-servers
2. Copy the config files:
cp /usr/share/openldap-servers/slapd.conf.obsolete /etc/openldap/slapd.conf
cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
3. Main configuration file (/etc/openldap/slapd.conf) on both master and slave:
access to *
    by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read
    by dn.exact="cn=Manager,dc=csdn,dc=net" read
    by * none
suffix "dc=csdn,dc=net"
rootdn "cn=Manager,dc=csdn,dc=net"
rootpw secret
Tip: you can use vim to substitute your own dc values.
Example:
:%s/dc=csdn/dc=baidu/g
4. On the master, add the following to the configuration file:
index objectclass,entryCSN,entryUUID eq
# moduleload must be added; without it slapd reports: overlay "syncprov" not found
moduleload syncprov.la
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
5. On the slave, add the following to the configuration file:
index objectclass,entryCSN,entryUUID eq
syncrepl rid=002
    provider=ldap://192.168.7.178:389
    type=refreshOnly
    retry="5 5 300 +"
    interval=00:00:00:30
    searchbase="dc=csdn,dc=net"
    filter="(objectClass=*)"
    attrs="*"
    scope=sub
    schemachecking=off
    bindmethod=simple
    binddn="cn=Manager,dc=csdn,dc=net"
    credentials=secret
updateref ldap://192.168.7.178:389
6. Problems:
1) Message:
syncrepl rid=123 searchbase="dc=csdn,dc=net": no retry defined, using default
config file testing succeeded
Solution: add the retry attribute to the syncrepl directive:
    retry="5 5 300 +"
2) Message:
overlay "syncprov" not found
Solution: edit the configuration file and add the moduleload line:
vim /etc/openldap/slapd.conf
moduleload syncprov.la
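
A pre-flight check for the configuration above, added here as an example and not part of the original page: it parses slapd.conf (joining continuation lines) and reports the two problems from step 6, plus the cleartext rootpw and the simple bind that sends credentials over unencrypted ldap://. The function names and finding labels are made up for this example; starttls is a real syncrepl option but is not used anywhere on this page.

```shell
#!/bin/sh
# Added example. Finding labels (NO_RETRY, ...) are made up for this sketch.

# check_slapd_conf FILE: print one finding per line; return 1 if any were found.
check_slapd_conf() {
    findings=$(awk '
    function flush(   s, n, w) {
        if (stmt == "") return
        s = stmt; gsub(/"/, "", s)            # ignore optional quoting of values
        n = split(s, w, /[ \t]+/)
        if (w[1] == "moduleload" && index(w[2], "syncprov")) loaded = 1
        if (w[1] == "overlay" && w[2] == "syncprov" && !loaded)
            print "NO_MODULELOAD: overlay syncprov without moduleload syncprov.la"
        if (w[1] == "rootpw" && substr(w[2], 1, 1) != "{")
            print "CLEARTEXT_ROOTPW: rootpw is not a {SCHEME} hash from slappasswd"
        if (w[1] == "syncrepl") {
            if (!index(s, " retry="))
                print "NO_RETRY: syncrepl has no retry= setting"
            if (index(s, "provider=ldap://") && index(s, "bindmethod=simple") &&
                s !~ /starttls=(yes|critical)/)
                print "CLEARTEXT_BIND: simple bind over ldap:// without starttls"
        }
        stmt = ""
    }
    /^#/ { flush(); next }                    # comment ends the previous directive
    /^[ \t]*$/ { next }                       # blank lines are ignored
    /^[ \t]/ { sub(/^[ \t]+/, ""); stmt = stmt " " $0; next }   # continuation
    { flush(); stmt = $0 }                    # a new directive starts
    END { flush() }
    ' "$1")
    if [ -z "$findings" ]; then return 0; fi
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample: the slave settings from steps 3 and 5 of this page.
write_sample() {
    cat > "$1" <<'EOF'
rootpw secret
syncrepl rid=002
  provider=ldap://192.168.7.178:389
  type=refreshOnly
  retry="5 5 300 +"
  bindmethod=simple
  binddn="cn=Manager,dc=csdn,dc=net"
  credentials=secret
EOF
}
```

Run it as check_slapd_conf /etc/openldap/slapd.conf before restarting slapd; a non-zero return means at least one finding was printed.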