Hi, I plan to configure multi-master replication over LDAPS on 3 servers. Are my steps correct?
1) On each server

dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: syncprov

2) On server 1

dn: cn=config
changeType: modify
add: olcServerID
olcServerID: 1

3) On server 2

dn: cn=config
changeType: modify
add: olcServerID
olcServerID: 2

4) On server 3

dn: cn=config
changeType: modify
add: olcServerID
olcServerID: 3

4) On each server

dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootPW
olcRootPW: 5fX?BLR2

5) On each server

dn: cn=config
changetype: modify
replace: olcServerID
olcServerID: 1 ldaps://infa1.domain.com
olcServerID: 2 ldaps://infra2.domain.com
olcServerID: 3 ldaps://infra3.domain.ldaps://infra3.test.localcom

6) On each server

dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov

7) On each server

dn: olcDatabase={0}config,cn=config
changetype: modify
replace: olcSyncRepl
olcSyncRepl: rid=001 provider=ldaps://infra1.domain.com
  binddn="cn=admin,cn=config" bindmethod=sasl saslmech=EXTERNAL starttls=no
  tls_cert="/etc/ldap/sasl2/cert.ru.crt" tls_key="/etc/ldap/sasl2/cert.ru.crt"
  tls_cacert="/etc/ldap/sasl2/comodo.crt" tls_reqcert=allow
  credentials=5fX?BLR2 searchbase="cn=config" type=refreshAndPersist
  retry="5 5 300 5" timeout=1
olcSyncRepl: rid=002 provider=ldaps://infra2.domain.comn
  binddn="cn=admin,cn=config" bindmethod=sasl saslmech=EXTERNAL starttls=no
  tls_cert="/etc/ldap/sasl2/cert.ru.crt" tls_key="/etc/ldap/sasl2/cert.ru.crt"
  tls_cacert="/etc/ldap/sasl2/comodo.crt" tls_reqcert=allow
  credentials=5fX?BLR2 searchbase="cn=config" type=refreshAndPersist
  retry="5 5 300 5" timeout=1
olcSyncRepl: rid=003 provider=ldaps://infra3.domain.com
  binddn="cn=admin,cn=config" bindmethod=sasl saslmech=EXTERNAL starttls=no
  tls_cert="/etc/ldap/sasl2/cert.ru.crt" tls_key="/etc/ldap/sasl2/cert.ru.crt"
  tls_cacert="/etc/ldap/sasl2/comodo.crt" tls_reqcert=allow
  credentials=5fX?BLR2 searchbase="cn=config" type=refreshAndPersist
  retry="5 5 300 5" timeout=1
-
add: olcMirrorMode
olcMirrorMode: TRUE

Is this correct?
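
A consistency check for the olcServerID and olcSyncRepl values set in steps 5 and 7, as an added example that is not part of the original post. The hostnames and the credential are constructed placeholders, and the function names are hypothetical.

```python
import shlex

WEAK_REQCERT = {"never", "allow"}  # both let a bad provider certificate through

def parse_syncrepl(value):
    """Split one olcSyncRepl value into a dict of its key=value settings."""
    return dict(tok.split("=", 1) for tok in shlex.split(value) if "=" in tok)

def parse_server_ids(values):
    """Map URL -> server ID from olcServerID values of the form '<id> <url>'."""
    urls = {}
    for v in values:
        sid, _, url = v.partition(" ")
        if url:
            urls[url.strip()] = int(sid)
    return urls

def audit(server_ids, syncrepls):
    """Return (rid, finding) tuples for a set of olcSyncRepl values."""
    known = parse_server_ids(server_ids)
    findings, seen = [], set()
    for raw in syncrepls:
        cfg = parse_syncrepl(raw)
        rid = cfg.get("rid", "?")
        if rid in seen:
            findings.append((rid, "duplicate rid"))
        seen.add(rid)
        if cfg.get("provider") not in known:
            findings.append((rid, "provider URL matches no olcServerID URL"))
        if cfg.get("tls_reqcert") in WEAK_REQCERT:
            findings.append((rid, "tls_reqcert does not enforce certificate validation"))
        if cfg.get("saslmech", "").upper() == "EXTERNAL" and "credentials" in cfg:
            findings.append((rid, "password stored although EXTERNAL uses the client certificate"))
    return findings

# Constructed sample values (hypothetical hosts and password, not from the post)
SERVER_IDS = ["1 ldaps://ldap1.example.com", "2 ldaps://ldap2.example.com"]
SYNCREPLS = [
    'rid=001 provider=ldaps://ldap1.example.com bindmethod=sasl saslmech=EXTERNAL '
    'tls_reqcert=demand searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5"',
    'rid=002 provider=ldaps://ldap2.example.comn bindmethod=sasl saslmech=EXTERNAL '
    'tls_reqcert=allow credentials=PLACEHOLDER searchbase="cn=config" retry="5 5 300 5"',
]

if __name__ == "__main__":
    for rid, finding in audit(SERVER_IDS, SYNCREPLS):
        print(f"rid={rid}: {finding}")
```

The values can be fed in from the output of an ldapsearch against cn=config once the LDIF continuation lines have been unfolded.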