Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
tutorial:ldap:syncopenldap [2016-04-13 22:46] weichbr created |
tutorial:ldap:syncopenldap [2017-06-16 22:00] weichbr [Configure the Master] |
||
---|---|---|---|
Line 5: | Line 5: | ||
===== Requirements ===== | ===== Requirements ===== | ||
* Two Debian 8 installation with OpenLDAP | * Two Debian 8 installation with OpenLDAP | ||
+ | * A user account in the directory for the syncing | ||
+ | * This tutorial assumes '' | ||
* First server is configured per [[tutorial: | * First server is configured per [[tutorial: | ||
* Other server is configured per [[tutorial: | * Other server is configured per [[tutorial: | ||
- | * | + | |
---- | ---- | ||
+ | |||
+ | ===== Notes ===== | ||
+ | * This tutorial shows how to do master -> slave replication. Only the master will accept writes! | ||
+ | |||
+ | ---- | ||
+ | |||
+ | ===== Configure the Master ===== | ||
+ | * Give the sync account the necessary right to read everything. This includes passwords! | ||
+ | * Simply modify the '' | ||
+ | * Create a '' | ||
+ | * < | ||
+ | dn: cn=module{0}, | ||
+ | changetype: modify | ||
+ | add: olcModuleLoad | ||
+ | olcModuleLoad: | ||
+ | </ | ||
+ | * < | ||
+ | dn: olcDatabase={1}mdb, | ||
+ | changetype: modify | ||
+ | add: olcDbIndex | ||
+ | olcDbIndex: entryUUID, | ||
+ | </ | ||
+ | * < | ||
+ | dn: olcOverlay=syncprov, | ||
+ | changetype: add | ||
+ | objectClass: | ||
+ | objectClass: | ||
+ | olcOverlay: syncprov | ||
+ | </ | ||
+ | * Apply them in that order with '' | ||
+ | |||
+ | ---- | ||
+ | |||
+ | ===== Configure the Slave ===== | ||
+ | * Also apply the '' | ||
+ | * Create a '' | ||
+ | * < | ||
+ | dn: olcDatabase={1}mdb, | ||
+ | changetype: modify | ||
+ | add: olcSyncRepl | ||
+ | olcSyncRepl: | ||
+ | provider=ldap:// | ||
+ | bindmethod=simple | ||
+ | binddn=" | ||
+ | credentials=syncaccountpassword | ||
+ | searchbase=" | ||
+ | scope=sub | ||
+ | schemachecking=on | ||
+ | type=refreshAndPersist | ||
+ | retry=" | ||
+ | interval=00: | ||
+ | starttls=yes | ||
+ | tls_reqcert=allow | ||
+ | </ | ||
+ | * Apply it with '' |