[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
MultiMaster under 2.1.21
Hi,
I'm using OpenLDAP 2.1.21, as included in the Kolab project (www.kolab.org).
I've two machines, with OpenLDAP on each. Each machine has a database
defined with suffix "dc=company,dc=com". Each machine is intended to be
master for one branch of the DIT, and slave for a parallel branch.
So machine1 is populated with objects under "dc=ie,dc=company,dc=com"
and machine2 with objects under "dc=fr,dc=company,dc=com". Both machines
have a parent object with dn: "dc=company,dc=com"
As far as I can see, this should really be done with ou attributes (it's
a quirk of using Kolab), but functionally it should be equivilent.
Entries could be added to both machines as normal (using slapadd,
ldapadd, the APIs, etc)
Next, on machine1, I created a replica entry. I specified machine2 as
the host, specified a suffix of "dc=ie,dc=company,dc=com" (so that only
that part of the DIT would be replicated). On machine2 I specified a
matching updatedn.
I added an entry on machine1, and it was replicated successfully to
machine2. So far so good.
But now machine2 won't accept any updates directly. It complains:
ldap_add: Server is unwilling to perform (53)
additional info: referral missing
This is correct behaviour for entries under "dc=ie,dc=company,dc=com".
Machine2 knows it's a slave for these, I haven't specified an updateref,
so it complains.
But what I want is a way to still add entries under
"dc=fr,dc=company,dc=com" directly, ie I want machine2 to recognise
itself as a master for this branch of the DIT.
Is this possible? If not, and I need to enable multimaster, can this be
done at compile time under 2.1.21 (via --enable-multimaster) or does the
source code need editing by hand.
I also looked at the possibility of having two config files, as follows:
----------------------
#
# Machine1
#
database ldbm
replica <to machine2>
suffix "dc=fr,dc=company,dc=com"
...
database ldbm
updatedn <from machine2>
suffix "dc=ie,dc=company,dc=com"
...
database ldbm
suffix "dc=company,dc=com"
...
----------------------
#
# Machine2
#
database ldbm
replica <to machine1>
suffix "dc=fr,dc=company,dc=com"
...
database ldbm
updatedn <from machine1>
suffix "dc=ie,dc=company,dc=com"
...
database ldbm
suffix "dc=company,dc=com"
...
----------------------
Is an approach like this seamless to the end user?
ie would a ldapsearch for "(mail=*)" to the running slapd return entries
from all three databases, if you "binded" to the top-level suffix?
Thanks in advance,
Paul.