Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
08-06-2006, 05:11 AM
|
#1
|
Member
Registered: Jan 2006
Location: taiwan
Posts: 156
Rep:
|
Openldap replication
I am trying to follow the admin guide to configure the openldap replication , I run the /usr/bin/slurpd , then it pop the message " Error: Malformed "replica" line in slapd config file, line 72 , Warning: failed to add replica "resues2.com:389 - ignoring replica " , I sure the server resues.com is reachable , can anyone advise what is possible reason for the error ? thx
my slapd.conf
replogfile /var/lib/ldap/master-slapd.replog
database ldbm
suffix "dc=resues1,dc=com"
rootdn "cn=Manager,dc=resues1,dc=com"
rootpw secret
rootpw {SSHA}UKfX5uzttkfXd9nMEFWl3l9BfdafOjsV8TQKv
directory /var/lib/ldap/resues1.com
replica host=resues2:389
index objectClass,uid,uidNumber,gidNumber,memberUid eq
index cn,mail,surname,givenname eq
binddn="cn=replicator,dc=resues1,dc=com"
bindmethod=simple credentials=password
|
|
|
08-07-2006, 04:53 AM
|
#2
|
Senior Member
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458
Rep:
|
From man slapd.conf..
Code:
replica uri=ldap[s]://<hostname>[:port]|host=<hostname>[:port]
[starttls=yes|critical] [suffix=<suffix> [...]]
bindmethod=simple|sasl [binddn=<simple DN>] [credentials=<simple
password>] [saslmech=<SASL mech>] [secprops=<properties>]
[realm=<realm>] [authcId=<authentication ID>]
[authzId=<authorization ID>] [attr[!]=<attr list>]
Specify a replication site for this database. Refer to the
"OpenLDAP Administrator's Guide" for detailed information on
setting up a replicated slapd directory service. Zero or more
suffix instances can be used to select the subtrees that will be
replicated (defaults to all the database). host is deprecated
in favor of the uri option. uri allows the replica LDAP server
to be specified as an LDAP URI. A bindmethod of simple requires
the options binddn and credentials and should only be used when
adequate security services (e.g TLS or IPSEC) are in place. A
bindmethod of sasl requires the option saslmech. Specific
security properties (as with the sasl-secprops keyword above)
for a SASL bind can be set with the secprops option. A non-
default SASL realm can be set with the realm option. If the
mechanism will use Kerberos, a kerberos instance should be given
in authcId. An attr list can be given after the attr keyword to
allow the selective replication of the listed attributes only;
if the optional ! mark is used, the list is considered
exclusive, i.e. the listed attributes are not replicated. If an
objectClass is listed, all the related attributes are (are not)
replicated.
|
|
|
10-18-2006, 07:24 AM
|
#3
|
LQ Newbie
Registered: Sep 2006
Posts: 4
Rep:
|
Hi,
Pls make sure that ur slapd.conf file contain replica directive like this only.
replogfile /var/lib/ldap/openldap-master-replog
replica uri=ldaps://10.6.14.255
binddn="cn=root,dc=example,dc=com"
tls=hard
bindmethod=simple credentials=secret
Hope it will work !!!!
Regards:
Jitender Rajpal
|
|
|
All times are GMT -5. The time now is 08:35 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|