I should add one minor correction here, as I copied from the wrong ldif, I added tls support with the following entries:
olcSyncRepl: rid=001 provider=ldap://ldapserver2 binddn="cn=config" bindmethod=simple credentials=secret searchbase="cn=config" starttls=yes tls_reqcert=never type=refreshAndPersist tls_cacert=/etc/pki/tls/certs/cert.crt retry="5 5 300 5" timeout=1 olcSyncRepl: rid=002 provider=ldap://ldapserver1 binddn="cn=config" bindmethod=simple credentials=secret searchbase="cn=config" starttls=yes tls_reqcert=never type=refreshAndPersist tls_cacert=/etc/pki/tls/certs/cert.crt retry="5 5 300 5" timeout=1
Joshua Miller wrote:
dn: olcDatabase={0}config,cn=config changetype: modify add: olcSyncRepl olcSyncRepl: rid=001 provider=ldap://ldapserver2 binddn="cn=config"bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1 olcSyncRepl: rid=002 provider=ldap://ldapserver1 binddn="cn=config" bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1 - add: olcMirrorMode olcMirrorMode: TRUE