Search This Blog

LDAP Replication Using syncrepl

 

My Solution
  • Master server:
    • edit configration in /etc/ldap/slapd.conf, append following: 
## syncrepl provider
index entryCSN,entryUUID eq

moduleload syncprov.la
overlay syncprov

syncprov-checkpoint 10 5
syncprov-sessionlog 100



  • Slave server:

    • edit /etc/ldap/slapd.conf, append: 





## syncrepl consumer
index entryCSN,entryUUID eq
syncrepl   rid=123
        provider=ldap://master-ldap.example.org:389
        type=refreshOnly
        interval=00:00:01:00
        searchbase="dc=example,dc=org"
        filter="(objectClass=*)"
        attrs="*"
        scope=sub
        schemachecking=off
        bindmethod=sasl
        saslmech=DIGEST-MD5
        authcid="admin"
        credentials="Password"



  • Note: in my case, I am using SASL DIGEST-MD5. Read the references if you want to use simple bind. Detail about how to enable SASL on openldap server, see here


  • Restart Master slapd then Slave slapd.



References



  1. Configuring the Master-Slave Replication


  2. LDAP Sync Replication


  3. LDAP replication setup using syncrepl


  4. Debian LDAP Server Setup

Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)