Emmanuel Dreyfus wrote:
On Thu, Apr 05, 2007 at 01:24:09PM -0700, Howard Chu wrote:
That's syncrepl by itself, yes. Using syncrepl in conjunction with back-ldap provides a pure push based mechanism though.
Is there any document explaining how to set up this? I asked a few weeks ago, and I the answer I had was to look at the testsuite for a setup example. Anyone wrote a few lines to make it a bit more accessible to the rest of us?
A detailed description in plaintext will be far more lengthy than the working example already provided in the test suite and you would just need an example anyway.
In brief: Set up the syncrepl provider as normal. Set up the remote slave with an updatedn (as if you were configuring it for slurpd). Set up a separate slapd with a back-ldap proxy, on the provider's side of the firewall. Point this back-ldap proxy at the remote slave. Set up a syncrepl consumer on this proxy that talks to the provider.
Done.
In OpenLDAP 2.4 some of the proxy setup can be streamlined using the "hidden" database keyword, but the generic approach given above works with 2.3.