Hello. I am going to setup slurpd replication between two servers. When i am doing changes at master, it replies to slave.(all ok!) But when i am doing changes to slave, it don't replies to master!
Here are my configs:
------------------------------------------ master_server ------------------------------------------
include /usr/local/etc/openldap/schema/core.schema include /usr/local/etc/openldap/schema/cosine.schema include /usr/local/etc/openldap/schema/nis.schema include /usr/local/etc/openldap/schema/inetorgperson.schema include /usr/local/etc/openldap/schema/samba.schema
pidfile /var/run/openldap/slapd.pid argsfile /var/run/openldap/slapd.args loglevel 256
database ldbm cachesize 10000 dbcachesize 1000000 threads 128 dbnosync dbsync 2 12 5 sizelimit 10000 suffix "o=campus,c=ru" rootdn "cn=Manager,o=campus,c=ru" rootpw passwoooord directory /var/db/openldap-ldbm
replogfile /var/log/slurpd.replog replica host=slave_server:389 binddn="cn=replicator,o=campus,c=ru" bindmethod=simple credentials=replicator_password
index objectClass eq index uid pres,eq index rid eq index uidNumber eq index gidNumber eq index cn eq,subinitial index memberUid eq index gecos eq index description eq index default sub
access to attr=userPassword,lmPassword,ntPassword by self write by * auth
access to * by * read
------------------------------------------ slave_server ------------------------------------------ include /usr/local/etc/openldap/schema/core.schema include /usr/local/etc/openldap/schema/cosine.schema include /usr/local/etc/openldap/schema/nis.schema include /usr/local/etc/openldap/schema/inetorgperson.schema include /usr/local/etc/openldap/schema/samba.schema
pidfile /var/run/openldap/slapd.pid argsfile /var/run/openldap/slapd.args
modulepath /usr/local/libexec/openldap moduleload back_bdb
loglevel 256
database bdb suffix "o=campus,c=ru" rootdn "cn=Manager,o=campus,c=ru" rootpw passwoooord
directory /var/db/openldap-data index objectClass eq
updatedn "cn=replicator,o=campus,c=ru" updateref ldap://master-server
access to * by dn="cn=replicator,o=campus,c=ru" write by * read
---------------------------
So, replication between master and slave works fine.
I need that slave changes replies to master. Are my configs wrong? Both rootdn passwords are equal.
When i am going to change slave database, connecting to the slave by "non-updatedn user"(for example rootdn) no changes have been made at master and at the slave!
I am using perl-script at slave, cause standart tools doesn't work with updaterefs
------------------ #!/usr/bin/perl
use Net::LDAP;
$ldap = Net::LDAP->new('localhost') or die "$@"; $ldap->bind ( # bind to a directory with dn and password dn => 'cn=Manager,o=campus,c=ru', password => 'passwoooord' );
$dn="uid=user,ou=People,o=campus,c=ru"; $ldap->modify( $dn, replace => { 'cn' => 'test of perl script' }); $ldap->unbind ; -------------------
Changes have to be done at master server by updateref link, and then they have to replicate by slurpd replication from master to slave, but it doesnt'work
Hope for your help.
WBR, Roman Yushin
Roman Yushin пишет:
Hello. I am going to setup slurpd replication between two servers. When i am doing changes at master, it replies to slave.(all ok!) But when i am doing changes to slave, it don't replies to master!
Here are my configs:
master_server
include /usr/local/etc/openldap/schema/core.schema include /usr/local/etc/openldap/schema/cosine.schema include /usr/local/etc/openldap/schema/nis.schema include /usr/local/etc/openldap/schema/inetorgperson.schema include /usr/local/etc/openldap/schema/samba.schema
pidfile /var/run/openldap/slapd.pid argsfile /var/run/openldap/slapd.args loglevel 256
database ldbm cachesize 10000 dbcachesize 1000000 threads 128 dbnosync dbsync 2 12 5 sizelimit 10000 suffix "o=campus,c=ru" rootdn "cn=Manager,o=campus,c=ru" rootpw passwoooord directory /var/db/openldap-ldbm
replogfile /var/log/slurpd.replog replica host=slave_server:389 binddn="cn=replicator,o=campus,c=ru" bindmethod=simple credentials=replicator_password
index objectClass eq index uid pres,eq index rid eq index uidNumber eq index gidNumber eq index cn eq,subinitial index memberUid eq index gecos eq index description eq index default sub
access to attr=userPassword,lmPassword,ntPassword by self write by * auth
access to * by * read
slave_server
include /usr/local/etc/openldap/schema/core.schema include /usr/local/etc/openldap/schema/cosine.schema include /usr/local/etc/openldap/schema/nis.schema include /usr/local/etc/openldap/schema/inetorgperson.schema include /usr/local/etc/openldap/schema/samba.schema
pidfile /var/run/openldap/slapd.pid argsfile /var/run/openldap/slapd.args
modulepath /usr/local/libexec/openldap moduleload back_bdb
loglevel 256
database bdb suffix "o=campus,c=ru" rootdn "cn=Manager,o=campus,c=ru" rootpw passwoooord
directory /var/db/openldap-data index objectClass eq
updatedn "cn=replicator,o=campus,c=ru" updateref ldap://master-server
access to * by dn="cn=replicator,o=campus,c=ru" write by * read
So, replication between master and slave works fine.
I need that slave changes replies to master. Are my configs wrong? Both rootdn passwords are equal.
When i am going to change slave database, connecting to the slave by "non-updatedn user"(for example rootdn) no changes have been made at master and at the slave!
I am using perl-script at slave, cause standart tools doesn't work with updaterefs
#!/usr/bin/perl
use Net::LDAP;
$ldap = Net::LDAP->new('localhost') or die "$@"; $ldap->bind ( # bind to a directory with dn and password dn => 'cn=Manager,o=campus,c=ru', password => 'passwoooord' );
$dn="uid=user,ou=People,o=campus,c=ru"; $ldap->modify( $dn, replace => { 'cn' => 'test of perl script' }); $ldap->unbind ;
Changes have to be done at master server by updateref link, and then they have to replicate by slurpd replication from master to slave, but it doesnt'work
Hope for your help.
WBR, Roman Yushin
i still need your help!
On Mon, Oct 30, 2006 at 11:36:46AM +0300, Roman Yushin wrote:
Roman Yushin пишет:
Hello. I am going to setup slurpd replication between two servers. When i am doing changes at master, it replies to slave.(all ok!) But when i am doing changes to slave, it don't replies to master!
openldap does not support master-master replication in any form. Don't use slurpd -- it's depricated. Use syncrepl. Afaik, it's implemented in openldap 2.4.
WBR
--On Monday, October 30, 2006 5:42 PM +0300 Dmitriy Kirhlarov dkirhlarov@oilspace.com wrote:
On Mon, Oct 30, 2006 at 11:36:46AM +0300, Roman Yushin wrote:
Roman Yushin пишет:
Hello. I am going to setup slurpd replication between two servers. When i am doing changes at master, it replies to slave.(all ok!) But when i am doing changes to slave, it don't replies to master!
openldap does not support master-master replication in any form. Don't use slurpd -- it's depricated. Use syncrepl. Afaik, it's implemented in openldap 2.4.
Just to be clear, High Availability Master is what is implemented in 2.4 (syncrepl is already implemented).
--Quanah
-- Quanah Gibson-Mount Principal Software Developer ITS/Shared Application Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
On Thursday 26 October 2006 17:41, Roman Yushin wrote:
Hello. I am going to setup slurpd replication between two servers. When i am doing changes at master, it replies to slave.(all ok!) But when i am doing changes to slave, it don't replies to master!
When you attempt to do changes on the slave, you should be getting a referral to your master.
Changes will *not* be forwarded to the master for you (although if you are running a recent OpenLDAP, you may be able to configure the chain overlay to do this for you).
Regards, Buchan
openldap-software@openldap.org
-
Buchan Milne -
Dmitriy Kirhlarov -
Quanah Gibson-Mount -
Roman Yushin