Old 01-27-2009, 03:16 AM   #1
Glazee
LDAP Replication problem


Hi, I have been trying to figure out how to get LDAP replication running. I am using Ubuntu Server and the latest release of LDAP, and I have problems even getting started with the replication, trying to configure it for Master/Slave.

I have looked all over the net for how to get it to work.

To my understanding, the old replication daemon slurpd has been replaced by syncrepl. When I read about the slurpd daemon, you needed to start that daemon, but when it comes to syncrepl I don't know how to start it. I guess it just starts with the slapd daemon.

Nothing shows up in the logs, just like nothing is happening.

I hope you can help me solve my problem.

Master ip : 192.168.218.128

Slave ip : 192.168.218.129

BTW, I am running both of these machines on VMware Server.

Here are my configs:

#MASTER
# LDAP configuration

allow bind_v2

# Schema
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
#include /etc/ldap/schema/openldap.schema
include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/ppolicy.schema
# Samba schema
#include /etc/ldap/schema/samba.schema

# Check schema consistency when starting
#schemacheck on


# Define global ACLs to disable default read access.
# None

pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args

# Load dynamic backend modules:
# WARNING amd64 has lib64 !!
#modulepath /usr/lib64/openldap/openldap
modulepath /usr/lib/ldap
moduleload back_bdb.so
moduleload syncprov.la

#Load the password policy overlay
# Not yet implemented .. maybe later
#moduleload ppolicy.la



# unlimited searches for administrative DNs
#
# it's disabled because we have already put SIZELIMIT to 0
# but it's a good thing to know how it can be set or changed
#
#limits dn.exact="uid=unixadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited


# this is for the rootdn in case of SIZELIMIT is different than 0
#sizelimit unlimited


# Let some special user to change passwords, and others to read
#
### Note this is just an example: you can have only one user that can do
### everything, but it's not recommended.
#
### If you want that the following users can access in write or read, remember to create them
### under gosa in the acl subtree
#
#access to attrs=shadowExpire,shadowFlag,shadowInactive,shadowLastChange,shadowMax,shadowMin,
#shadowWarning,sambaLMPassword,sambaNTPassword,sambaPwdLastSet
# by dn="uid=replicante10,ou=people,ou=acl,dc=glazeeserver,dc=com" write
# by dn="uid=pwdchanger,ou=people,ou=acl,dc=glazeeserver,dc=com" write
# by dn="uid=wwwadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" read
# by dn="uid=unixadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" read
# by anonymous auth
# by self write
# by * none

access to attrs=userPassword
        by dn="cn=admin,dc=glazeeserver,dc=com" write
# by dn="uid=wwwadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" read
# by dn="uid=pwdchanger,ou=people,ou=acl,dc=glazeeserver,dc=com" write
# by dn="uid=unixadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" write
        by anonymous auth
        by self write
        by * none

access to dn.base="" by * read

access to *
        by dn="cn=admin,dc=glazeeserver,dc=com" write
        by anonymous auth

#######################################################################
## BDB database definitions
########################################################################

database bdb
suffix "dc=glazeeserver,dc=com"
checkpoint 512 30
rootdn "uid=admin,dc=glazeeserver,dc=com"
rootpw secret

# Mode 700 recommended. chown ldap:ldap .
directory /var/lib/ldap

lastmod on

mode 0600

# Only 4 debug
#loglevel 1 2 4 8 16 32 64 128 256 512 1024 2048
loglevel -1

# physical backend (db library, not slapd) cache
# here, 0.25 GB
dbconfig set_cachesize 0 268435456 1
# Transaction Log settings
# logging region size in bytes, here 1 MBytes
dbconfig set_lg_regionmax 1048576
# log buffer size in bytes, here 2 MBytes
dbconfig set_lg_bsize 2097152
# Set the maximum size of a single file in the log, in bytes, here 10 MByte
dbconfig set_lg_max 10485760


# Indices to maintain
index objectClass pres,eq
index uid,mail,uniqueMember eq
index cn,sn,givenName,ou pres,eq,sub
index uidNumber,gidNumber,memberuid eq
#index sambaSID eq
#index sambaPrimaryGroupSID eq
#index sambaDomainName eq
#index sambaAlgorithmicRidBase pres,eq
# syncprov specific indexing
index entryCSN eq
index entryUUID eq


# password policy stuff
# Not now, we can implement them later.
#overlay ppolicy
#ppolicy_default "uid=defaultppolicy,ou=people,ou=acl,dc=glazeeserver,dc=com"

# SSL Stuff
TLSVerifyClient never

# Even in this case .. let's do it later ..
#
# #TLSCipherSuite HIGH:MEDIUM:+SSLv2
#TLSCACertificateFile /etc/openldap/ssl/ca.crt
#TLSCertificateFile /etc/openldap/ssl/ldap.glazeeserver.com.crt
#TLSCertificateKeyFile /etc/openldap/ssl/ldap.glazeeserver.com.key

overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

--------------------------------------------------------------------------

#SLAVE
# LDAP configuration

allow bind_v2

# Schema
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
#include /etc/ldap/schema/openldap.schema
include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/ppolicy.schema
# Samba schema
#include /etc/ldap/schema/samba.schema

# Check schema consistency when starting
#schemacheck on


# Define global ACLs to disable default read access.
# None

pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args

# Load dynamic backend modules:
# WARNING amd64 has lib64 !!
#modulepath /usr/lib64/openldap/openldap
modulepath /usr/lib/ldap
moduleload back_bdb.so
moduleload syncprov.la

#Load the password policy overlay
# Not yet implemented .. maybe later
#moduleload ppolicy.la



# unlimited searches for administrative DNs
#
# it's disabled because we have already put SIZELIMIT to 0
# but it's a good thing to know how it can be set or changed
#
#limits dn.exact="uid=unixadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited


# this is for the rootdn in case of SIZELIMIT is different than 0
#sizelimit unlimited


# Let some special user to change passwords, and others to read
#
### Note this is just an example: you can have only one user that can do
### everything, but it's not recommended.
#
### If you want that the following users can access in write or read, remember to create them
### under gosa in the acl subtree
#
#access to attrs=shadowExpire,shadowFlag,shadowInactive,shadowLastChange,shadowMax,shadowMin,
#shadowWarning,sambaLMPassword,sambaNTPassword,sambaPwdLastSet
# by dn="uid=replicante10,ou=people,ou=acl,dc=glazeeserver,dc=com" write
# by dn="uid=pwdchanger,ou=people,ou=acl,dc=glazeeserver,dc=com" write
# by dn="uid=wwwadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" read
# by dn="uid=unixadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" read
# by anonymous auth
# by self write
# by * none

access to attrs=userPassword
        by dn="uid=admin,dc=glazeeserver,dc=com" write
# by dn="uid=wwwadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" read
# by dn="uid=pwdchanger,ou=people,ou=acl,dc=glazeeserver,dc=com" write
# by dn="uid=unixadmin,ou=people,ou=acl,dc=glazeeserver,dc=com" write
        by anonymous auth
        by self write
        by * none

access to dn.base="" by * read

access to *
        by dn="cn=admin,dc=glazeeserver,dc=com" write
        by * read

#######################################################################
## BDB database definitions
########################################################################

database bdb
suffix "dc=glazeeserver,dc=com"
checkpoint 512 30
rootdn "uid=admin,dc=glazeeserver,dc=com"
rootpw secret

# Mode 700 recommended. chown ldap:ldap .
directory /var/lib/ldap

lastmod on

# Only 4 debug
#loglevel 1 2 4 8 16 32 64 128 256 512 1024 2048
loglevel -1

# physical backend (db library, not slapd) cache
# here, 0.25 GB
dbconfig set_cachesize 0 268435456 1
# Transaction Log settings
# logging region size in bytes, here 1 MBytes
dbconfig set_lg_regionmax 1048576
# log buffer size in bytes, here 2 MBytes
dbconfig set_lg_bsize 2097152
# Set the maximum size of a single file in the log, in bytes, here 10 MByte
dbconfig set_lg_max 10485760


# Indices to maintain
index objectClass pres,eq
index uid,mail,uniqueMember eq
index cn,sn,givenName,ou pres,eq,sub
index uidNumber,gidNumber,memberuid eq
#index sambaSID eq
#index sambaPrimaryGroupSID eq
#index sambaDomainName eq
#index sambaAlgorithmicRidBase pres,eq
# syncprov specific indexing
index entryCSN eq
index entryUUID eq


# password policy stuff
# Not now, we can implement them later.
#overlay ppolicy
#ppolicy_default "uid=defaultppolicy,ou=people,ou=acl,dc=glazeeserver,dc=com"

# SSL Stuff
TLSVerifyClient never

# Even in this case .. let's do it later ..
#
# #TLSCipherSuite HIGH:MEDIUM:+SSLv2
#TLSCACertificateFile /etc/openldap/ssl/ca.crt
#TLSCertificateFile /etc/openldap/ssl/ldap.glazeeserver.com.crt
#TLSCertificateKeyFile /etc/openldap/ssl/ldap.glazeeserver.com.key

syncrepl rid=123
        provider=ldap://192.168.218.128:389
        type=refreshAndPersist
        retry="5 5 300 +"
        searchbase="dc=glazeeserver,dc=com"
        attrs="*,+"
        bindmethod=simple
        binddn="uid=admin,dc=glazeeserver,dc=com"
        credentials="secret"

updateref ldap://192.168.218.128:389
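
An added example, not part of the original post and not the poster's code: a small Python audit of a slapd.conf consumer section for the kinds of settings visible in the configs above (cleartext `rootpw`, `loglevel -1`, a `syncrepl` simple bind over `ldap://` without `starttls=critical`, and a `binddn` equal to the `rootdn`). The sample config, its DNs and address, and the finding names are constructed for illustration.

```python
import re

# Constructed consumer fragment; DNs, address and password are placeholders.
SAMPLE = """\
database bdb
rootdn "uid=admin,dc=example,dc=com"
# syncrepl options below are continuation lines (leading whitespace)
rootpw secret
loglevel -1
syncrepl rid=123
  provider=ldap://192.0.2.10:389
  retry="5 5 300 +"
  bindmethod=simple
  binddn="uid=admin,dc=example,dc=com"
  credentials="secret"
"""

def logical_lines(text):
    """Join lines that start with whitespace onto the previous line, as slapd
    does, then drop comments (an indented line after a comment joins it)."""
    out = []
    for raw in text.splitlines():
        if raw[:1] in (" ", "\t") and out:
            out[-1] += " " + raw.strip()
        elif raw.strip():
            out.append(raw.rstrip())
    return [line for line in out if not line.startswith("#")]

def audit(text):
    """Return finding codes for risky replication-related settings."""
    findings, rootdn, consumers = [], None, []
    for line in logical_lines(text):
        key, rest = (line.split(None, 1) + [""])[:2]
        key = key.lower()
        if key == "rootdn":
            rootdn = rest.strip('"').lower()
        elif key == "rootpw" and not rest.startswith("{"):
            findings.append("rootpw-cleartext")        # no {SSHA}-style hash prefix
        elif key == "loglevel" and rest.strip() in ("-1", "any"):
            findings.append("loglevel-all")            # every debug level enabled
        elif key == "syncrepl":
            pairs = re.findall(r'(\w+)=("[^"]*"|\S+)', rest)
            consumers.append({k.lower(): v.strip('"') for k, v in pairs})
    for opts in consumers:
        if opts.get("provider", "").startswith("ldap://") and opts.get("starttls") != "critical":
            findings.append("syncrepl-cleartext-bind") # credentials cross the wire unencrypted
        if rootdn and opts.get("binddn", "").lower() == rootdn:
            findings.append("syncrepl-binds-as-rootdn")
    return findings
```

Because continuation lines are joined before anything else, a file whose `syncrepl` options have lost their leading whitespace parses as separate directives, and the audit then reports no `syncrepl` findings for it.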
 
Old 02-03-2009, 04:20 AM   #2
Glazee
Okay, I solved it. It was some sort of problem with Ubuntu 8.10, so I switched to Ubuntu 8.04, but then I saw that AppArmor was running and figured it might just be that. But I got everything working now on Ubuntu 8.04.
 
  


Tags
ldap, replication, sync, ubuntu810

