[Comm] openldap и репликация
Pavel Stoliarov
=?iso-8859-1?q?mylinux02_=CE=C1_mail=2Eru?=
Ср Сен 8 08:44:55 MSD 2004
Всем привет.
Имеется Master 2.2 и OpenLdap 2.0.27-alt5
Несколько дней мучаюсь с репликациями, ни как не могу победить.
Репликации с master slapd идут нормально на slave .
В OpenLDAP Administrator's Guide написано :
1. The LDAP client submits an LDAP modify operation to the slave slapd.
2. The slave slapd returns a referral to the LDAP client referring the
client to the master slapd.
3. The LDAP client submits the LDAP modify operation to the master slapd.
4. The master slapd performs the modify operation, writes out the change to
its replication log file and returns a success code to the client.
5. The slurpd process notices that a new entry has been appended to the
replication log file, reads the replication log entry, and sends the change
to the slave slapd via LDAP.
6. The slave slapd performs the modify operation and returns a success code
to the slurpd process.
Вот именно это и не работает , при попытке удалить или добавить новый элемент
на slave сервере , элемент просто удаляется или добавляется без запроса
master slapd
Конфиги :
master slapd.conf :
...
access to *
by dn="cn=admin,dc=mycompany,dc=ru" write
by * read
#######################################################################
# ldbm database definitions
#######################################################################
database ldbm
suffix "dc=mycompany,dc=ru"
rootdn "cn=admin,dc=mycompany,dc=ru"
# Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw {SSHA}vWihzY6W+2FU8eiVZF4sLrZJG0Q93Sir
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd/tools. Mode 700 recommended.
directory /var/lib/ldap/bases
replica host=slave.mycompany.ru:389
binddn="cn=admin,dc=mycompany,dc=ru"
bindmethod=simple
credentials=test
replogfile /var/log/ldap/replica.log
....
------------------------------------------------
slave slapd.conf :
.....
access to *
by dn="cn=admin,dc=mycompany,dc=ru" write
by * read
#######################################################################
# ldbm database definitions
#######################################################################
database ldbm
suffix "dc=mycompany,dc=ru"
rootdn "cn=admin,dc=mycompany,dc=ru"
# Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw {SSHA}vWihzY6W+2FU8eiVZF4sLrZJG0Q93Sir
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd/tools. Mode 700 recommended.
directory /var/lib/ldap/bases
updatedn "cn=admin,dc=mycompany,dc=ru"
updateref ldap://master.mycompany.ru
......
--
Best regards
Pavel Stoliarov
Подробная информация о списке рассылки community