Hi, I have been trying to figure out how to get LDAP replication running. I am using Ubuntu Server and the latest release of LDAP and have problems even getting started with the replication, trying to configure for Master/Slave.
I have looked all over the net for how to get it to work.
To my understanding the old replication daemon slurpd has been replaced by syncrepl. When I read about the slurpd daemon, you needed to start that daemon, but when it comes to syncrepl I don't know how to start it. I guess it just starts with the slapd daemon.
Nothing shows up in the logs, just like nothing is happening.
I hope you can help me solve my problem.
Master ip : 192.168.218.128
Slave ip : 192.168.218.129
Btw, I am running both of these machines on VMware Server.
Here are my configs:
#MASTER
# LDAP configuration
allow bind_v2
# Schema
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
#include /etc/ldap/schema/openldap.schema
include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/ppolicy.schema
# Samba schema
#include /etc/ldap/schema/samba.schema
# Check schema consistency when starting
#schemacheck on
# Define global ACLs to disable default read access.
# None
#Load the password policy overlay
# Not yet implemented .. maybe later
#moduleload ppolicy.la
# unlimited searches for administrative DNs
#
# it's disabled because we have already put SIZELIMIT to 0
# but it's a good thing to know how it can be set or changed
#
#limits dn.exact="uid=unixadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited
# this is for the rootdn in case of SIZELIMIT is different than 0
#sizelimit unlimited
# Let some special user to change passwords, and others to read
#
### Note this is just an example you can just have only one user that can do
### everything, but it's not recommended.
#
### If you want that the following users can access in write or read, remember to create them
### under gosa in the acl subtree
#
#access to attrs=shadowExpire,shadowFlag,shadowInactive,shadowLastChange,shadowMax,shadowMin,
#shadowWarning,sambaLMPassword,sambaNTPassword,sambaPwdLastSet
# by dn="uid=replicante10,ou=people,ou=acl,dc=glazeeserver,dc=com" write
# by dn="uid=pwdchanger,ou=people,ou=acl,dc=glazeeserver,dc=com" write
# by dn="uid=wwwadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" read
# by dn="uid=unixadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" read
# by anonymous auth
# by self write
# by * none
access to attrs=userPassword
by dn="cn=admin,dc=glazeeserver,dc=com" write
# by dn="uid=wwwadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" read
# by dn="uid=pwdchanger,ou=people,ou=acl,dc=glazeeserver,dc=com" write
# by dn="uid=unixadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" write
by anonymous auth
by self write
by * none
access to dn.base="" by * read
access to *
by dn="cn=admin,dc=glazeeserver,dc=com" write
by anonymous auth
# physical backend (db library, not slapd) cache
# here, 0.25 GB
dbconfig set_cachesize 0 268435456 1
# Transaction Log settings
# logging region size in bytes, here 1 MBytes
dbconfig set_lg_regionmax 1048576
# log buffer size in bytes, here 2 MBytes
dbconfig set_lg_bsize 2097152
# Set the maximum size of a single file in the log, in bytes, here 10 MByte
dbconfig set_lg_max 10485760
# Indices to maintain
index objectClass pres,eq
index uid,mail,uniqueMember eq
index cn,sn,givenName,ou pres,eq,sub
index uidNumber,gidNumber,memberuid eq
#index sambaSID eq
#index sambaPrimaryGroupSID eq
#index sambaDomainName eq
#index sambaAlgorithmicRidBase pres,eq
# syncprov specific indexing
index entryCSN eq
index entryUUID eq
# password policy stuff
# Not now, we can implement them later.
#overlay ppolicy
#ppolicy_default "uid=defaultppolicy,ou=people,ou=acl,dc=glazeeserver,dc=com"
# SSL Stuff
TLSVerifyClient never
# Even in this case .. let's do it later ..
#
# #TLSCipherSuite HIGH:MEDIUM:+SSLv2
#TLSCACertificateFile /etc/openldap/ssl/ca.crt
#TLSCertificateFile /etc/openldap/ssl/ldap.glazeeserver.com.crt
#TLSCertificateKeyFile /etc/openldap/ssl/ldap.glazeeserver.com.key
# Schema
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
#include /etc/ldap/schema/openldap.schema
include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/ppolicy.schema
# Samba schema
#include /etc/ldap/schema/samba.schema
# Check schema consistency when starting
#schemacheck on
# Define global ACLs to disable default read access.
# None
#Load the password policy overlay
# Not yet implemented .. maybe later
#moduleload ppolicy.la
# unlimited searches for administrative DNs
#
# it's disabled because we have already put SIZELIMIT to 0
# but it's a good thing to know how it can be set or changed
#
#limits dn.exact="uid=unixadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited
# this is for the rootdn in case of SIZELIMIT is different than 0
#sizelimit unlimited
# Let some special user to change passwords, and others to read
#
### Note this is just an example you can just have only one user that can do
### everything, but it's not recommended.
#
### If you want that the following users can access in write or read, remember to create them
### under gosa in the acl subtree
#
#access to attrs=shadowExpire,shadowFlag,shadowInactive,shadowLastChange,shadowMax,shadowMin,
#shadowWarning,sambaLMPassword,sambaNTPassword,sambaPwdLastSet
# by dn="uid=replicante10,ou=people,ou=acl,dc=glazeeserver,dc=com" write
# by dn="uid=pwdchanger,ou=people,ou=acl,dc=glazeeserver,dc=com" write
# by dn="uid=wwwadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" read
# by dn="uid=unixadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" read
# by anonymous auth
# by self write
# by * none
access to attrs=userPassword
by dn="uid=admin,dc=glazeeserver,dc=com" write
# by dn="uid=wwwadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" read
# by dn="uid=pwdchanger,ou=people,ou=acl,dc=glazeeserver,dc=com" write
# by dn="uid=unixadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" write
by anonymous auth
by self write
by * none
access to dn.base="" by * read
access to *
by dn="cn=admin,dc=glazeeserver,dc=com" write
by * read
# physical backend (db library, not slapd) cache
# here, 0.25 GB
dbconfig set_cachesize 0 268435456 1
# Transaction Log settings
# logging region size in bytes, here 1 MBytes
dbconfig set_lg_regionmax 1048576
# log buffer size in bytes, here 2 MBytes
dbconfig set_lg_bsize 2097152
# Set the maximum size of a single file in the log, in bytes, here 10 MByte
dbconfig set_lg_max 10485760
# Indices to maintain
index objectClass pres,eq
index uid,mail,uniqueMember eq
index cn,sn,givenName,ou pres,eq,sub
index uidNumber,gidNumber,memberuid eq
#index sambaSID eq
#index sambaPrimaryGroupSID eq
#index sambaDomainName eq
#index sambaAlgorithmicRidBase pres,eq
# syncprov specific indexing
index entryCSN eq
index entryUUID eq
# password policy stuff
# Not now, we can implement them later.
#overlay ppolicy
#ppolicy_default "uid=defaultppolicy,ou=people,ou=acl,dc=glazeeserver,dc=com"
# SSL Stuff
TLSVerifyClient never
# Even in this case .. let's do it later ..
#
# #TLSCipherSuite HIGH:MEDIUM:+SSLv2
#TLSCACertificateFile /etc/openldap/ssl/ca.crt
#TLSCertificateFile /etc/openldap/ssl/ldap.glazeeserver.com.crt
#TLSCertificateKeyFile /etc/openldap/ssl/ldap.glazeeserver.com.key
Okay, I solved it. It was some sort of problem with Ubuntu 8.10, so I switched to Ubuntu 8.04, but then I saw that AppArmor was running and figured it might just be that. But I got everything working now on Ubuntu 8.04.
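Editor's added example, not code from the thread: syncrepl has no daemon of its own and runs inside slapd once the provider has `overlay syncprov` and the consumer has a `syncrepl` directive, so this Python check reads a slapd.conf, reports which role it configures, and flags replication binds that would cross the network in clear text. The sample configs are constructed; the suffix and master IP are the thread's, while the replicator DN and `PLACEHOLDER` secret are assumptions.

```python
import shlex

def directives(text):
    """slapd.conf(5): '#' lines are comments; a line that starts with
    whitespace continues the previous directive."""
    logical = []
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("#"):
            continue
        if raw[0].isspace() and logical:
            logical[-1] += " " + raw.strip()
        else:
            logical.append(raw.strip())
    return [shlex.split(line) for line in logical]

def audit(text):
    """Return (role, findings) for one slapd.conf."""
    ds = [(d[0].lower(), d[1:]) for d in directives(text)]
    overlays = [args[0].lower() for name, args in ds if name == "overlay" and args]
    consumers = [args for name, args in ds if name == "syncrepl"]
    role = "provider" if "syncprov" in overlays else "consumer" if consumers else "none"
    findings = []
    if role == "none":
        findings.append("no 'overlay syncprov' and no 'syncrepl': nothing will replicate")
    if role == "provider" and not any(name == "tlscertificatefile" for name, _ in ds):
        findings.append("provider has no TLSCertificateFile: consumers cannot use StartTLS")
    for args in consumers:
        kv = dict(a.split("=", 1) for a in args if "=" in a)
        clear = kv.get("provider", "").startswith("ldap://") and "starttls" not in kv
        if clear and kv.get("bindmethod") == "simple":
            findings.append("rid=%s: simple bind to %s without starttls exposes credentials"
                            % (kv.get("rid"), kv.get("provider")))
    return role, findings

# Constructed samples, not the poster's files.
PROVIDER = "index entryCSN eq\nindex entryUUID eq\noverlay syncprov\nsyncprov-checkpoint 100 10\n"
CONSUMER = """\
syncrepl rid=001
  provider=ldap://192.168.218.128
  type=refreshAndPersist
  retry="60 +"
  searchbase="dc=glazeeserver,dc=com"
  bindmethod=simple
  binddn="cn=replicator,dc=glazeeserver,dc=com"
  credentials=PLACEHOLDER
"""
INDEX_ONLY = "index entryCSN eq\nindex entryUUID eq\nTLSVerifyClient never\n"

if __name__ == "__main__":
    for label, conf in (("provider", PROVIDER), ("consumer", CONSUMER), ("index-only", INDEX_ONLY)):
        print(label, audit(conf))
```

A config that only carries the `entryCSN`/`entryUUID` indexes comes back with role `none`, which matches the symptom of nothing appearing in the logs.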