tutorial:ldap:syncopenldap

Differences

This shows you the differences between two versions of the page.

tutorial:ldap:syncopenldap [2016-04-13 22:53]
weichbr [Configure the Master]
tutorial:ldap:syncopenldap [2018-06-03 14:10] (current)
Line 13: Line 13:
  
 ===== Notes ===== ===== Notes =====
-  * This tutorial show how to do master -> slave replication. Only the master will accept writes!+  * This tutorial shows how to do master -> slave replication. Only the master will accept writes!
  
 ---- ----
Line 19: Line 19:
 ===== Configure the Master ===== ===== Configure the Master =====
   * Give the sync account the necessary right to read everything. This includes passwords!   * Give the sync account the necessary right to read everything. This includes passwords!
-    * Simply modify the ''%%access.ldif%%'' in the "Enforce Authrization" step to include the sync account like the admin account.+    * Simply modify the ''%%access.ldif%%'' in the "Enforce Authorization" step to include the sync account like the admin account.
   * Create a ''%%syncmod.ldif%%'', ''%%index.ldif%%'' file and a ''%%sync.ldif%%'' file:   * Create a ''%%syncmod.ldif%%'', ''%%index.ldif%%'' file and a ''%%sync.ldif%%'' file:
   * <code>   * <code>
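Review bot: In the ''%%access.ldif%%'' bullet, "include the sync account like the admin account" does not say which access level the sync account ends up with. The bullet above it only asks for the right to read everything, so the text should state that the sync account is added with read access rather than with whatever level the admin rule grants. This matters because the account can read passwords and its own password is stored in the slave's configuration.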
Line 26: Line 26:
 add: olcModuleLoad add: olcModuleLoad
 olcModuleLoad: syncprov.la olcModuleLoad: syncprov.la
 +</code>
 +  * <code>
 +dn: olcDatabase={1}mdb,cn=config
 +changetype: modify
 +add: olcDbIndex
 +olcDbIndex: entryUUID,entryCSN eq
 </code> </code>
   * <code>   * <code>
Line 33: Line 39:
 objectClass: olcSyncProvConfig objectClass: olcSyncProvConfig
 olcOverlay: syncprov olcOverlay: syncprov
-</code> 
-  * <code> 
-dn: olcDatabase={1}mdb,cn=config 
-changetype: modify 
-add: olcDbIndex 
-olcDbIndex: entryUUID,entryCSN eq 
 </code> </code>
   * Apply them in that order with ''%%ldapmodify%%''   * Apply them in that order with ''%%ldapmodify%%''
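Review bot: "Apply them in that order" depends on the reader matching three unlabelled code blocks to ''%%syncmod.ldif%%'', ''%%index.ldif%%'' and ''%%sync.ldif%%'' by position alone. Moving the olcDbIndex block up makes the block order agree with the file list, but each block should also carry its file name so the mapping does not rest on ordering. The bullet could also show the actual ''%%ldapmodify%%'' call once, since the slave section refers back to the same files.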
Line 45: Line 45:
  
 ===== Configure the Slave ===== ===== Configure the Slave =====
 +  * Also apply the ''%%syncmod.ldif%%'' and ''%%index.ldif%%'' files.
 +  * Create a ''%%sync.ldif%%'' file:
 +  * <code>
 +dn: olcDatabase={1}mdb,cn=config
 +changetype: modify
 +add: olcSyncRepl
 +olcSyncRepl: rid=001
 +  provider=ldap://ip.of.your.server/
 +  bindmethod=simple
 +  binddn="cn=ldapsync,ou=people,dc=my,dc=domain,dc=tld"
 +  credentials=syncaccountpassword
 +  searchbase="dc=my,dc=domain,dc=tld"
 +  scope=sub
 +  schemachecking=on
 +  type=refreshAndPersist
 +  retry="30 5 300 3"
 +  interval=00:00:00:30
 +  starttls=yes
 +  tls_reqcert=allow
 +</code>
 +  * Apply it with ''%%ldapmodify%%''
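Review bot: In the new olcSyncRepl value, tls_reqcert=allow lets the slave continue when the provider presents no certificate or one that fails verification, so the simple bind with credentials=syncaccountpassword and the replicated entries (passwords included, per the master section) go to a server whose identity was never checked. Suggest tls_reqcert=demand together with a tls_cacert pointing at the CA that issued the master's certificate. Also consider starttls=critical, because with starttls=yes the session carries on if the StartTLS operation fails. Separately, interval only applies to type=refreshOnly, so with refreshAndPersist that line has no effect and can be dropped.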
  • tutorial/ldap/syncopenldap.1460580815.txt.gz
  • Last modified: 2018-06-03 14:10
  • (external edit)