Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen gezeigt.

--- lpi2:ldap-replica [2012/01/19 13:08]
+++ lpi2:ldap-replica [2012/01/19 13:08] (aktuell)
@@ Zeile 1: / Zeile 1: @@
+====== Master/Slave Replication ======
+===== Konfiguration Master =====
+''/etc/ldap/slapd.conf'' :
+<file>
+moduleload      syncprov
+database bdb
+suffix dc=villa,dc=local
+index objectclass,entryCSN,entryUUID eq
+overlay syncprov
+syncprov-checkpoint 100 10
+syncprov-sessionlog 100
+limits dn.exact="cn=replicant,ou=services,dc=example,dc=com"
+        time=unlimited
+        size=unlimited
+access to *
+        by cn=replicant,ou=services,dc=example,dc=com read
+        by none break
+</file>
+''replicant.ldif'' :
+<file>
+# replica, services, example.com
+dn: cn=replicant,ou=services,dc=example,dc=com
+objectClass: organizationalRole
+objectClass: top
+objectClass: simpleSecurityObject
+userPassword:: e1NIQX04UWVNNjVTM3IvQjUzc3NWWSs4djRuK3hmN289
+cn: replica
+</file>
+===== Konfiguration Slave =====
+  cd /var/lib/ldap
+  scp -r master:/etc/ldap/. .
+  rm -rf slapd.d
+''/etc/ldap/slapd.conf'' :
+<file>
+database xxx
+rootdn   "cn=admin,dc=example,dc=com"
+syncrepl rid=100
+         provider=ldap://ldap1.example.com
+         searchbase=dc=example,dc=com
+         type=refreshAndPersist
+         retry="60 10 600 +"
+         scope=sub
+         bindmethod=simple
+         binddn="cn=replicant,ou=services,dc=example,dc=com"
+         credentials="replica"
+updateref       ldap://ldap1.example.com
+</file>
+===== Server starten =====
+Master:
+  service slapd start
+Slave:
+  service slapd stop
+  rm -f /var/lib/ldap/*
+  chown openldap:openldap /var/lib/ldap/*
+  service slapd start
+====== Master/Slave Replication Teilbaum ======
+''/etc/ldap/slapd.conf'' :
+wie oben, aber syncrepl erweitert um:
+<file>
+         filter="(|
+             (objectclass=organization)
+             (objectclass=organizationalunit)
+             (objectclass=account)
+         )"
+         attrs="objectclass,cn,ou,uid,userpassword"
+         schemachecking=off
+</file>
+====== Schreibbarer Slave ======
+Schreiboperationen vom Slave an den Master weiterleiten
+''/etc/ldap/slapd.conf'' :
+<file>
+moduleload      back_ldap
+overlay  chain
+chain-uri "ldap://ldap1.example.com"
+chain-idassert-bind bindmethod="simple"
+         binddn="cn=admin,dc=example,dc=com"
+         credentials="villa"
+         mode="self"
+chain-return-error         TRUE
+chain-rebind-as-user       TRUE
+</file>
+====== Konfiguration im DIT ======
+''/etc/ldap/slapd.conf'' :
+zum letzten mal hier, vor der ersten ''database''
+<file>
+database config
+rootdn cn=admin,cn=config
+rootpw admin
+</file>
+  mkdir slapd.d
+  slaptest -f slapd.conf -F slapd.d
+  chown -R openldap:openldap slapd.d/
+  slapcat -b cn=config | grep '^dn'
+====== Dokumentation ======
+  * [[http://www.openldap.org/doc/admin24/syncrepl.html]]
+  * man slapd.conf
+  * Multi-Master Konfiguration: http://www.openldap.org/doc/admin24/replication.html#N-Way%20Multi-Master und http://ltb-project.org/wiki/documentation/openldap-mmr

Linuxhotel Wiki

Benutzer-Werkzeuge

Webseiten-Werkzeuge

Unterschiede

Seiten-Werkzeuge