2018-01-16 0:20 GMT+04:00 Geert Hendrickx geert@hendrickx.be:
On Mon, Jan 15, 2018 at 18:16:57 +0100, Clément OUDOT wrote:
2018-01-15 10:05 GMT+01:00 Michael Ströder michael@stroeder.com:
Jephte Clain wrote: As Clément wrote he has multiple values configured for olcServerID in cn=config (aka serverID in slapd.conf). So he can't just use "slapd -h ldap://" because the parameter value -h is used by slapd to determine the actual server ID to be used.
Well, that's one of the reasons why I avoid to set multiple serverID values. And of course that means that you cannot use a replicated
cn=config.
Does that mean that we can set MMR replication for data (not cn=config) with only one value in olcServerID? In this case we don't have the constraint to start the daemon on a dedicated LDAP URI? Would we still be able to define all olcSyncrepl statements in the database or do we need to set only those not concerning the current node?
We do MMR with service IP's, using identical slapd.conf's (with multi-valued serverID) and -h ldap://, but we use the proper system hostnames for syncrepl providers.
hello,
that's what I meant earlier when I said I did nothing special:
all nodes run with -h ldap:// and I have as many olcServerID as defined nodes my cn=config is also replicated between all nodes
for example, I have: ~~~ dn: cn=config ... olcServerID: 1 ldap://ldapm3.univ.run/ olcServerID: 2 ldap://ldapm4.univ.run/
dn: olcDatabase={0}config,cn=config ... olcSyncrepl: {0}... rid=0 provider="ldap://ldapm3.univ.run/" ... olcSyncrepl: {1}... rid=3 provider="ldap://ldapm4.univ.run/" ... olcUpdateRef: ldap://ldapm3.univ.run/ olcUpdateRef: ldap://ldapm4.univ.run/ olcMirrorMode: TRUE
# and for each suffix something like this: dn: olcDatabase={1}mdb,cn=config ... olcSuffix: dc=univ-reunion,dc=fr olcSyncrepl: {0}... rid=2 provider="ldap://ldapm3.univ.run/" ... olcSyncrepl: {1}... rid=5 provider="ldap://ldapm4.univ.run/" ... olcUpdateRef: ldap://ldapm3.univ.run/ olcUpdateRef: ldap://ldapm4.univ.run/ olcMirrorMode: TRUE ~~~
It has worked that way for several years now... Is it ok or am I just asking for trouble?
btw, rid is generated by a script for each new database, nothing funny to see here :-)
best regards, Jephté Clain
Geert-- geert.hendrickx.be :: geert@hendrickx.be :: PGP: 0xC4BB9E9F This e-mail was composed using 100% recycled spam messages!