On 2013-09-26 15:04, "Dieter Klünter" dieter@dkluenter.de wrote:
Am Thu, 26 Sep 2013 17:23:42 +0000 schrieb "Jancewicz, Russell" russell.jancewicz@uconn.edu:
It was modified from the generation of slapd-chain2.conf which also didn't work (I was working off the assumption that the overlay needed to be on olcDatabase={1}frontend)
This is the slapd-chain2.conf file I am using (modified slightly) The only differences between this and the unmodified slapd-chain2.conf is the directory and the addition of chain-tls and chain-idassert-authzFrom to the "overlay chain" section.
I'm generating my config with it with $ slaptest -f slapd-chain2.conf -F ./slapd.d-test/
""" include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/openldap.schema include /etc/openldap/schema/nis.schema
database hdb directory /srv/ldap/example.com/ suffix "dc=example,dc=com" rootdn "cn=admin,dc=example,dc=com" rootpw secret
overlay chain chain-uri ldap://master.example.com chain-idassert-bind bindmethod=simple binddn="dc=example,dc=com" credentials=secret mode=self chain-tls start chain-idassert-authzFrom "*" """
[...]
In this particular case chaining is a global configuration parameter,
If that's the case what should I do to propagate writes/modifies from a *specific* database on my slave to a master? (ideally in cn=config style ldifs, not ldap.conf)
Regardless if I apply it to the {-1}frontend or the {1}hdb both situations have resulted in the unwilling to perform error.
bear in mind that chaining confuration is based on back-ldap, thus you may add configuration parameters from slapd-ldap(5) by attaching a chain- prefix.
[other global stuff] overlay chain chain-uri ldap://some.host chain-idassert-bind bindmethod=xxxxx credentials=xxxx mode=self flags=non-prescriptive chain-return-error TRUE chain-rebind-as user TRUE
database config [...] database mdb [...]
-Dieter
-- Dieter Klünter | Systemberatung http://dkluenter.de GPG Key ID:DA147B05 53°37'09,95"N 10°08'02,42"E
-Russell J. Jancewicz University of Connecticut