syncrepl and push-based replication like slurpd http://www.openldap.org/doc/admin24/replication.html#Syncrepl%20Proxy
Hello together,
I'm using openldap 2.4.11 on Debian GNU/Linux lenny. I have problems to understand the admin guide part about the configuration of push-based syncrepl like slurpd http://www.openldap.org/doc/admin24/replication.html#Syncrepl%20Proxy
The syncrepl setup needs to be like slurpd because the master LDAP server is in the LAN and LDAP data needs to be push to external servers which cannot access the LAN (firewalled for security reasons).
So I need to configure the described "18.3.5. Syncrepl Proxy" setup. The description talks about "uri ldap://localhost:9012/" and "provider=ldap://localhost:9011/" but on these ports nothing is listening.
As far as I understand I need to configure from where I pull the data (syncrepl provider which is clear) but the point I don't understand is where to set the slave server which slapd-ldap connects to push data to. Beside the manpage and the admin guide I couldn't find any helpful documentation which helps me to understand this desired setup
Could you help me to understand it?
Thank you.
Noèl Köthe noel@debian.org writes:
Hello together,
I'm using openldap 2.4.11 on Debian GNU/Linux lenny. I have problems to understand the admin guide part about the configuration of push-based syncrepl like slurpd http://www.openldap.org/doc/admin24/replication.html#Syncrepl%20Proxy
The syncrepl setup needs to be like slurpd because the master LDAP server is in the LAN and LDAP data needs to be push to external servers which cannot access the LAN (firewalled for security reasons).
So I need to configure the described "18.3.5. Syncrepl Proxy" setup. The description talks about "uri ldap://localhost:9012/" and "provider=ldap://localhost:9011/" but on these ports nothing is listening.
As far as I understand I need to configure from where I pull the data (syncrepl provider which is clear) but the point I don't understand is where to set the slave server which slapd-ldap connects to push data to. Beside the manpage and the admin guide I couldn't find any helpful documentation which helps me to understand this desired setup
Could you help me to understand it?
the provider is in a protected LAN. The ldap proxy resides on a gateway router or some host which has the ability to route between the two networks. The consumer is a member host within the DMZ.
-Dieter
--On Friday, November 20, 2009 8:33 PM +0100 Dieter Kluenter dieter@dkluenter.de wrote:
Noèl Köthe noel@debian.org writes:
Could you help me to understand it?
the provider is in a protected LAN. The ldap proxy resides on a gateway router or some host which has the ability to route between the two networks. The consumer is a member host within the DMZ.
It's probably worthwhile mentioning you are unlikely to get very far using the OpenLDAP version shipped by Debian, given the numerous issues that have been fixed since 2.4.11. If you're wanting to run an LDAP server, you should avoid the version shipped by Debian.
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration
openldap-software@openldap.org
-
Dieter Kluenter -
Noèl Köthe -
Quanah Gibson-Mount