[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: copying ldap to other servers

To: Justin Hahn <jeh@profitlogic.com>
Subject: RE: copying ldap to other servers
From: Jan-Michael Ong <jmong@adobe.com>
Date: Tue, 30 Oct 2001 09:22:38 -0800
Cc: openldap-software@OpenLDAP.org
In-reply-to: <419A3E73A18BD211A17000105A1C37E9C9D65F@mail.grossprofit.co m>

Justin,

Okay I'm ready to setup replication

I created a master and a slave

On the master and the slave, I created a "cn=MyCopier,o=MyDomain" user

mycopier.ldif
dn: cn=MyCopier,o=MyDomain
objectClass: top
objectClass: person
cn: MyCopier
description: Master Copier
userpassword: 123456

on the master I defined the following
replica host=myslave.mydomain.com:389
                binddn="cn=MyCopier,o=MyDomain"
                bindmethod=simple credentials="123456"
replogfile      /replication/replication.log

on the slave I defined the following after the rootdn and rootpw
[..snip..]
suffix          "o=MyDomain"
rootdn          "cn=root,o=MyDomain"
rootpw  "rootpw"

updatedn        "cn=MyCopier,o=MyDomain"
updateref       "ldap://mymaster.mydomain.com";

and then I defined an access rule:

access to *
  by dn="cn=MyCopier,o=MyDomain"

But whenever I try to update the slave (from the master) I get Insufficient Access... also when I try to update the other way around (I update the slave), I get a referral but the changes never make it to the master.

Any thoughts please?

thanks

jm

At 02:30 PM 10/26/2001 -0400, you wrote:

If/when let me know. I'll be glad to help.

> -----Original Message-----
> From: Jan-Michael Ong [mailto:jmong@adobe.com]
> Sent: Friday, October 26, 2001 1:51 PM
> To: Justin Hahn
> Subject: Re: copying ldap to other servers
>
>
> Justin,
>
> Thank you for the reponse back. The problem is that the
> machine (the master) has
> no way of connecting to the slaves (they are in different
> locations with
> different access rules and different owners) so i thought it
> would just be best
> to do this. however, assuming that I can get the replication
> going would be as
> to be so kind to share with me your slapd.conf for master and
> slave definitions
> (just the replication portion)
>
> Thanks again.
>
> jm
>
> Justin Hahn wrote:
>
> > Use replication. That's what this is for. What happens if
> someone does an
> > ldapmodify to the non-staging server in your case? With
> replicas I can set
> > an updateref so changes get sent back to the master.
> Further, the DBs are
> > kept in relative lock step, so that way I don't have to
> worry too much about
> > propagation delay.
> >
> > --jeh
> >
> > > -----Original Message-----
> > > From: Jan-Michael Ong [mailto:jmong@adobe.com]
> > > Sent: Friday, October 26, 2001 12:52 PM
> > > To: openldap-software@OpenLDAP.org
> > > Subject: copying ldap to other servers
> > >
> > >
> > > Hello,
> > >
> > > We've been updating a staging server and simply copying the
> > > databases over
> > > to other servers (rather than using replication). Is this a
> > > good idea? The
> > > servers all use identical software (Openldap 2.0.11 and
> > > Berkeley db-3.2.9).
> > > Are there any side-effects? What's the best way to approach this?
> > >
> > > I do stop the server, tar up all *.dbb files and move
> them to their
> > > locations, untar them and then start slapd again
> > >
> > > Thank you.
> > >
> > > jm
> > >
>

Prev by Date: Authentication/ACL problem
Next by Date: RE: Connection Stability Troubles with LDAP
Index(es):
- Chronological
- Thread