Re: AW: replication questions

[Steve Schultze <sjs@gospelcom.net>]

On Wed, 13 Jun 2001, Dan Shriver wrote:
> > hmm:) just add your basic entries before you configure
> replication. so..
> > add your basedn and replicator entry. the replicator may look
> something
> > like:
> >    dn: cn=replicator,dc=SharemediaTest,dc=com
> >    objectclass: person
> >    sn: replicator
> >    cn: replicator
> >    userpassword: {crypt}foo
>
> I added a user to the master db called "Master Replicant" and
> gave it a password.  Then I copied the db over onto the slave.
> Then I started the master and slave and the masters slurpd.

FWIW, I just use the rootdn (on my slave) to replicate from the master.  I
renamed it "cn=Replicator,o=..." just to make sure it's clear that it's to
be used for replication.  In theory, you don't want to be manually
modifying your slave anyway.  So, in the slave's slapd.conf, relevant
lines are.:

rootdn          "cn=replicator, o=Foo, c=US"

access to *
        by dn="cn=replicator, o=Foo, c=US" write

updatedn "cn=replicator, o=Foo, c=US"A


And on the master, I've got:

replica host=ldap.foo.com
        binddn="cn=replicator,o=Foo,c=US"
        bindmethod=simple credentials=foo

replogfile /etc/openldap/replog


I don't know if this is a normal/good way of doing it, but it works.  It
has the added benefit of isolating all the unique user info into the
slapd.conf file.  That way, at any time I can just copy the db files from
the master to the slave and restart it immediately (note: you should put
the master in readonly mode until you get the slave restarted -- otherwise
you might get out of sync).

-- 
Steve Schultze - sjs@gospelcom.net