Linux - Server This forum is for the discussion of Linux Software used in a server related context. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
04-19-2012, 02:45 PM
|
#1
|
Senior Member
Registered: Sep 2003
Posts: 1,091
Rep:
|
openldap replication... Is this possible?
I am new to openldap/slapd never really worked with it but I need to configure a replication setup and this is how I would like to do it:
1 master server, with multiple containers. multiple slave servers that each replicate a specific container from the master (not all).
Is this possible to do? If so which replication scheme should I be looking at? I see multiple ways to do replication but none that really get into the gritty details of what I am looking to do.
I'm thinking slurpd might be able to do this but I dont see anything specifically stating that it will or wont.
|
|
|
04-19-2012, 05:24 PM
|
#2
|
LQ Newbie
Registered: Feb 2012
Location: South Dakota
Distribution: Fedora, CentOS, Oracle, OpenSolaris
Posts: 18
Rep:
|
This might only be a hint or a clue in your investigation, but I thought slurpd was supposed to be for replication in the open LDAP world.
Like you, I have never worked in this space, and have always used the Netscape/iPlanet/Sun(Oracle) DSEE to do split DB, multi-master, proxied replication. It was my understanding that Netscape LDAP was sold/given to RedHat, but not sure if that is the code base that has become the openLDAP standard.
It will be interesting to see where this thread goes.
|
|
|
04-20-2012, 10:04 AM
|
#3
|
Senior Member
Registered: Sep 2003
Posts: 1,091
Original Poster
Rep:
|
Quote:
Originally Posted by danliston
This might only be a hint or a clue in your investigation, but I thought slurpd was supposed to be for replication in the open LDAP world.
Like you, I have never worked in this space, and have always used the Netscape/iPlanet/Sun(Oracle) DSEE to do split DB, multi-master, proxied replication. It was my understanding that Netscape LDAP was sold/given to RedHat, but not sure if that is the code base that has become the openLDAP standard.
It will be interesting to see where this thread goes.
|
Ill keep it updated then, so far I found I can only replicate from the DIT down so individual ou replication is not possible. Now onto figure out slapd configuration on centos 6 which is totally different then you standard slapd.conf configuration.
|
|
|
04-24-2012, 05:35 PM
|
#4
|
Senior Member
Registered: Sep 2003
Posts: 1,091
Original Poster
Rep:
|
FYI: what I was wanting is possible using snycrepl in a master/slave or provider consumer setup. This is all with openldap 2.4 using the old style config (that I have since converted to cn=config)
once the provider is setup the syncrepl statements (multiple statements) can be configured to allow syncing via a specific searchbase or with a filter parsing out the results you want to sync.
I went with this:
Code:
syncrepl rid=123
provider=ldap://ldap-master
type=refreshAndPersist
searchbase="ou=container1,dc=yourdomain,dc=com"
scope=sub
schemachecking=off
bindmethod=simple
binddn="cn=Manager,dc=yourdomain,dc=com"
credentials=supersecretpasword
retry="10 3 100 3"
syncrepl rid=124
provider=ldap://ldap-master
type=refreshAndPersist
searchbase="ou=containter2,dc=yourdomain,dc=com"
scope=sub
schemachecking=off
bindmethod=simple
binddn="cn=Manager,dc=yourdomain,dc=com"
credentials=supersecretpassword
retry="10 3 100 3"
Last for secrity, I created sync accounts for each of my containers so each one has a different account for keeping in sync.
|
|
1 members found this post helpful.
|
All times are GMT -5. The time now is 09:31 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|