Without digging into your particular issue, I used this guide and was able to configure replication:
http://www.openldap.org/doc/admin24/
This most specifically for you right now:
http://www.openldap.org/doc/admin24/replication.html
On Wed, Aug 29, 2012 at 11:32:14AM -0400, Jeff Dickens wrote:
I've been following this page from the Ubuntu Server Guide with generally good results: [1]https://help.ubuntu.com/12.04/serverguide/openldap-server.html%EF%BF%BD Now I'm down to the replication section, at� [2]https://help.ubuntu.com/12.04/serverguide/openldap-server.html#openldap-serv.... �So far it isn't working. �First things first: I create the following ldif file to configure the sync provider:
# Add indexes to the frontend db. dn: olcDatabase={1}hdb,cn=config changetype: modify add: olcDbIndex olcDbIndex: entryCSN eq - add: olcDbIndex olcDbIndex: entryUUID eq #Load the syncprov and accesslog modules. dn: cn=module{0},cn=config changetype: modify add: olcModuleLoad olcModuleLoad: syncprov - add: olcModuleLoad olcModuleLoad: accesslog # Accesslog database definitions dn: olcDatabase={2}hdb,cn=config objectClass: olcDatabaseConfig objectClass: olcHdbConfig olcDatabase: {2}hdb olcDbDirectory: /var/lib/ldap/accesslog olcSuffix: cn=accesslog olcRootDN: cn=admin,dc=intranet,dc=seamanpaper,dc=com olcDbIndex: default eq olcDbIndex: entryCSN,objectClass,reqEnd,reqResult,reqStart # Accesslog db syncprov. dn: olcOverlay=syncprov,olcDatabase={2}hdb,cn=config changetype: add objectClass: olcOverlayConfig objectClass: olcSyncProvConfig olcOverlay: syncprov olcSpNoPresent: TRUE olcSpReloadHint: TRUE # syncrepl Provider for primary db dn: olcOverlay=syncprov,olcDatabase={1}hdb,cn=config changetype: add objectClass: olcOverlayConfig objectClass: olcSyncProvConfig olcOverlay: syncprov olcSpNoPresent: TRUE # accesslog overlay definitions for primary db dn: olcOverlay=accesslog,olcDatabase={1}hdb,cn=config objectClass: olcOverlayConfig objectClass: olcAccessLogConfig olcOverlay: accesslog olcAccessLogDB: cn=accesslog olcAccessLogOps: writes olcAccessLogSuccess: TRUE # scan the accesslog DB every day, and purge entries older than 7 days olcAccessLogPurge: 07+00:00 01+00:00The guide says you can test the provider with this command:
root@grackle:~# ldapsearch -z1 -LLLQY EXTERNAL -H ldapi:/// -s base contextCSN dn: root@grackle:~#but as you see that doesn't return anything. � However, this command does find it:
root@grackle:~# slapcat | grep -C 10 contextCSN objectClass: organization o: [3]intranet.seamanpaper.com dc: intranet structuralObjectClass: organization entryUUID: 99e43416-73a1-1031-9d82-4f560555aca0 creatorsName: cn=admin,dc=intranet,dc=seamanpaper,dc=com createTimestamp: 20120805233244Z entryCSN: 20120805233244.262007Z#000000#000#000000 modifiersName: cn=admin,dc=intranet,dc=seamanpaper,dc=com modifyTimestamp: 20120805233244Z contextCSN: 20120829024252.920832Z#000000#000#000000 dn: cn=admin,dc=intranet,dc=seamanpaper,dc=com objectClass: simpleSecurityObject objectClass: organizationalRole cn: admin description: LDAP administrator userPassword:: e1NTSEF9Nm9zUVlmUStzd1RCOVJCQXUyL3NhQURpYTZ1R0NuRC8= structuralObjectClass: organizationalRole entryUUID: 99e4f9fa-73a1-1031-9d83-4f560555aca0 creatorsName: cn=admin,dc=intranet,dc=seamanpaper,dc=com root@grackle:~#Before I go on to figure out why the sync isn't working, why isn't the ldapsearch command above returning anything? Thanks in advance for your help. -- ���� Jeff Dickens ���� IT Manager����� 978-632-1513
References
Visible links