So I found an example for setting up multi master replication using slapd.conf
*slapd.conf for MASTER 1*
*# slapd master ldap1.example.com http://ldap1.example.com* *# global section* *serverID 001*
*database bdb* *...*
*access to ** * by dn.base="cn=admin,ou=people,dc=example,dc=com" read* * by * read*
*syncrepl rid=000 * * provider=ldap://ldap2.example.com http://ldap2.example.com* * type=refreshAndPersist* * retry="5 5 300 +" * * searchbase="dc=example,dc=com"* * attrs="*,+"* * bindmethod=simple* * binddn="cn=admin,ou=people,dc=example,dc=com"* * credentials=secret*
*index objectClass eq*
*mirrormode TRUE*
*overlay syncprov* *syncprov-checkpoint 100 10*
*slapd.conf for MASTER 2*
*# slapd master ldap2.example.com http://ldap2.example.com* *# global section* *serverID 002*
*database bdb* *...*
*access to ** * by dn.base="cn=admin,ou=people,dc=example,dc=com" read* * by * read *
*syncrepl rid=000 * * provider=ldap://ldap1.example.com http://ldap1.example.com* * type=refreshAndPersist* * retry="5 5 300 +" * * searchbase="dc=example,dc=com"* * attrs="*,+"* * bindmethod=simple* * binddn="cn=admin,ou=people,dc=example,dc=com"* * credentials=secret*
*index objectClass eq*
*mirrormode TRUE*
*overlay syncprov* *syncprov-checkpoint 100 10*
My question is - Do the credentials have to be clear text passwords? If not, how do I mention encrypted passwords? (I tried within quotes ' ' and " ", but each time got invalid credentials error)
On Mon, Nov 24, 2014 at 1:28 PM, Howard Chu hyc@symas.com wrote:
Guruprasad Kulkarni wrote:
Hi,
I did have a look at the options and only "--enable-modules" option talks about dynamic module support
I tried "--enable-dynamic" option as well (the description for it is enable linking built binaries with dynamic libs)
What I do observe is that even though I have "moduleload syncprov.la http://syncprov.la" directive in slapd.conf, slapd does not complain about it. So I guess I do not have to specify the module path (syncreplication tests were successful as well)
Correct, moduleload silently succeeds if you specify a module that was built statically.
I also realized I was looking at the OLC configuration examples for multi master. What I need to do is find slapd.conf example for multi master.
On Mon, Nov 24, 2014 at 11:29 AM, Dieter Klünter <dieter@dkluenter.de mailto:dieter@dkluenter.de> wrote:
Am Mon, 24 Nov 2014 09:52:34 -0500 schrieb Guruprasad Kulkarni <gkulkarni@gridcosystems.com <mailto:gkulkarni@gridcosystems.com>>: > I have 2 questions regarding multi master replication: > > 1. I built openldap 2.4.40 from source and according to themakefile, > the module directory should be at /usr/local/libexec/openldap. > > However I do not see such a folder. Am I missing something? The > options I used with configure were "--enable-debug --enable-modules > --enable-hdb --enable-monitor --enable-ppolicy --enable-syncprov > --with-tls --with-cyrus-sasl" > > I am asking because the multi master replication example ( >http://www.openldap.org/doc/admin24/replication.html > http://www.openldap.org/doc/admin24/replication.html#N-Way) needs > me to load thesyncprov.la http://syncprov.la module, but I am not sure if the > modulepath given there is correct or not.
You have probably not build dynamic loadable modules, but built-in modules. you should run ./configure --help | less, which will show proper build choices.-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/