Is it possible to use syncrepl replication with a non slapd master?
Being more specific, I would like to have a copy of several different Microsoft domains held on a slapd server. I've seen this question posed in the archives but I haven't been able to find much in the way of an answer anywhere.
Assuming that slapd + syncrepl will work with non-slapd masters, is the next obstacle going to be making a schema that matches the Active Directory schema so that replication can actually occur?
Are there any examples that anyone can point me to?
Many thanks
Grant
--On Monday, August 11, 2008 11:38 AM -0700 Grant Gossett ggossett@symantec.com wrote:
> Is it possible to use syncrepl replication with a non slapd master?
How would it work with a non slapd master if the other directory server you are referring to (I'm assuming Active Directory) doesn't implement it? The only other project that I'm aware of that's thinking of implementing it is ApacheDS.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
On Mon, Aug 11, 2008 at 11:38:12AM -0700, Grant Gossett wrote:
> Is it possible to use syncrepl replication with a non slapd master?
Very unlikely. The syncrepl protocol is quite new, and I do not know of any other servers that implement it.
You might be able to construct something that works the other way around - with an OpenLDAP master pushing changes to a different type of replica server. This would use an LDAP backend so the replica would never see the syncrepl protocol anyway.
> Being more specific, I would like to have a copy of several different Microsoft domains held on a slapd server. I've seen this question posed in the archives but I haven't been able to find much in the way of an answer anywhere.
> Assuming that slapd + syncrepl will work with non-slapd masters, is the next obstacle going to be making a schema that matches the Active Directory schema so that replication can actually occur?
You will certainly need to define appropriate schema. Once that is in place you will need to use some directory-synchronisation product or write scripts to do the replication. Possible in principle, but you will never get any password data from AD via LDAP (because there isn't any there).
I have had success in this sort of environment using Microsoft's windows-to-unix password-sync system (part of SFU) to notify the synchronisation system when an entry is created. It is still necessary to do periodic full scans to detect other changes.
The solution to this problem is not really specific to OpenLDAP so you may get more answers from a different mailing list.
Andrew
openldap-software@openldap.org
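The periodic full scan described in the last reply amounts to a reconciliation pass: map each AD entry into the replica's schema, diff it against what slapd already holds, and emit the resulting add, modify and delete operations. The sketch below is an added example, not code from the thread; the attribute mapping, the objectGUID-style entry keys and the sample entries are assumptions, and the LDAP search and write calls are left out so that it runs offline.

```python
# Added example: full-scan reconciliation of an AD export against a slapd replica.
# ATTR_MAP, the objectGUID-style keys and the sample entries are assumptions.

# Hypothetical mapping from AD attribute names to inetOrgPerson attribute names.
ATTR_MAP = {"sAMAccountName": "uid", "cn": "cn", "sn": "sn", "mail": "mail"}

# Constructed sample data: entry key -> {attribute: [values]}.
AD_SCAN = {
    "guid-1": {"sAMAccountName": ["alice"], "cn": ["Alice Example"],
               "mail": ["alice@example.com"]},
    "guid-2": {"sAMAccountName": ["bob"], "cn": ["Bob Example"]},
}
REPLICA = {
    "guid-1": {"uid": ["alice"], "cn": ["Alice Example"],
               "mail": ["old@example.com"], "userPassword": ["{SSHA}placeholder"]},
    "guid-3": {"uid": ["carol"], "cn": ["Carol Example"]},
}


def map_entry(ad_entry):
    """Translate one AD entry to the replica schema; unmapped attributes are dropped."""
    return {ATTR_MAP[a]: sorted(set(v)) for a, v in ad_entry.items()
            if a in ATTR_MAP and v}


def full_scan_diff(ad_entries, replica_entries):
    """Return the add/modify/delete operations that bring the replica in line."""
    ops = []
    for key in sorted(ad_entries):
        wanted = map_entry(ad_entries[key])
        current = replica_entries.get(key)
        if current is None:
            ops.append(("add", key, wanted))
            continue
        changes = {}
        # Only mapped attributes are compared, so locally managed ones
        # (userPassword here) are never overwritten by the scan.
        for attr in sorted(set(ATTR_MAP.values())):
            new = wanted.get(attr, [])
            old = sorted(set(current.get(attr, [])))
            if new != old:
                changes[attr] = ("replace", new) if new else ("delete", [])
        if changes:
            ops.append(("modify", key, changes))
    # Entries on the replica that the scan no longer returns were removed in AD.
    for key in sorted(set(replica_entries) - set(ad_entries)):
        ops.append(("delete", key, None))
    return ops
```

Because password values are not available from AD over LDAP, the replica's `userPassword` has to be populated by a separate mechanism, which is why the diff deliberately ignores it.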