tutorial:ldap:syncopenldap

Differences

This shows you the differences between two versions of the page.

tutorial:ldap:syncopenldap [2016-04-13 22:49]
weichbr [Requirements]
tutorial:ldap:syncopenldap [2017-06-16 21:59]
weichbr [Notes]
Line 13: Line 13:
  
 ===== Notes ===== ===== Notes =====
-  * This tutorial show how to do master -> slave replication. Only the master will accept writes!+  * This tutorial shows how to do master -> slave replication. Only the master will accept writes!
  
 ---- ----
  
 ===== Configure the Master ===== ===== Configure the Master =====
-  * +  * Give the sync account the necessary right to read everything. This includes passwords! 
 +    * Simply modify the ''%%access.ldif%%'' in the "Enforce Authrization" step to include the sync account like the admin account. 
 +  * Create a ''%%syncmod.ldif%%'', ''%%index.ldif%%'' file and a ''%%sync.ldif%%'' file: 
 +  * <code> 
 +dn: cn=module{0},cn=config 
 +changetype: modify 
 +add: olcModuleLoad 
 +olcModuleLoad: syncprov.la 
 +</code> 
 +  * <code> 
 +dn: olcDatabase={1}mdb,cn=config 
 +changetype: modify 
 +add: olcDbIndex 
 +olcDbIndex: entryUUID,entryCSN eq 
 +</code> 
 +  * <code> 
 +dn: olcOverlay=syncprov,olcDatabase={1}mdb,cn=config 
 +changetype: add 
 +objectClass: olcOverlayConfig 
 +objectClass: olcSyncProvConfig 
 +olcOverlay: syncprov 
 +</code> 
 +  * Apply them in that order with ''%%ldapmodify%%'' 
 + 
 +---- 
 + 
 +===== Configure the Slave ===== 
 +  * Also apply the ''%%syncmod.ldif%%'' and ''%%index.ldif%%'' files. 
 +  * Create a ''%%sync.ldif%%'' file: 
 +  * <code> 
 +dn: olcDatabase={1}mdb,cn=config 
 +changetype: modify 
 +add: olcSyncRepl 
 +olcSyncRepl: rid=001 
 +  provider=ldap://ip.of.your.server/ 
 +  bindmethod=simple 
 +  binddn="cn=ldapsync,ou=people,dc=my,dc=domain,dc=tld" 
 +  credentials=syncaccountpassword 
 +  searchbase="dc=my,dc=domain,dc=tld" 
 +  scope=sub 
 +  schemachecking=on 
 +  type=refreshAndPersist 
 +  retry="30 5 300 3" 
 +  interval=00:00:00:30 
 +  starttls=yes 
 +  tls_reqcert=allow 
 +</code> 
 +  * Apply it with ''%%ldapmodify%%''
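
Review bot: in the slave's olcSyncRepl value, "starttls=yes" together with "tls_reqcert=allow" does not protect the simple bind. With "yes" the consumer carries on without TLS if the StartTLS request fails, and with "allow" a missing or invalid provider certificate is accepted. Since the master section gives this account read access to everything, passwords included, the sync password and the replicated password attributes can be exposed to anyone on the path between slave and master. Suggest "starttls=critical" and "tls_reqcert=demand", plus a "tls_cacert=" line pointing at the CA that signed the master's certificate. The master step that adds the sync account to access.ldif "like the admin account" should also say explicitly that the account only needs read access, not write. Finally, "interval=" is only used with type=refreshOnly, so it can be dropped from a refreshAndPersist configuration.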
  • tutorial/ldap/syncopenldap.txt
  • Last modified: 2018-06-03 14:10
  • (external edit)