OpenLDAP: does all the data reside in a couple of files?
Hello
I have two servers and I'm in the process of setting them up to be in a high availability system. For the data, I'm using heartbeat and DRBD so that the data gets written to both of them simultaneously and, thus, if one fails, the other takes over.
For user authentication, I'm having a harder time working out the best way to do this. I need the user details (login, home directory, group membership) to be mirrored on both servers, so that if the second server takes over, everyone can still log in.
Now, does LDAP put all of the user configuration data in a couple of files in the same directory? That is, could I set /etc/openldap/ up as a DRBD file system and run openLDAP on both machines? This way, even when /etc/openldap/ was unavailable on the primary server, /etc/openldap/ on the secondary machine would still be up to date.
For example, I see this file mentioned occasionally in howtos: /usr/local/var/openldap-data/myldap/myldap.ldif. Is this .ldif file THE file which has all the user details in it?
Can anyone see problems with this? Is there a better way to do it?
Thanks
Hamish
Last edited by hamish; 08-30-2006 at 04:42 PM.