Re: OpenLDAP instance as syncREPL replica and Slurpd master

[Howard Chu <hyc@symas.com>]

Quanah Gibson-Mount wrote:
> --On September 14, 2007 5:21:28 PM +0200 Bruno Lezoray EMSM 
> <bruno.lezoray@wh-ces.gmessaging.net> wrote:
>
> > Hi all,
> >
> > i want to implement a specific openldap configuration with 3 instances:
> > 1st is a master
> > 2nd is a syncrepl replica "and" slurpd master
> > 3rd is a slurpd replica

> Set up a pushed-base syncrepl instead of using slurpd.  Slurpd is 
> deprecated, and fully removed from OpenLDAP 2.4.

In OpenLDAP 2.3 this will require one more slapd process (while eliminating the 
slurpd process).

1 provider
2 regular consumer
2A back-ldap consumer
3 external replica

None of the existing (1, 2, or 3) servers' configurations need any changes. 
(Except, you can remove the "replica" directives from your "slurpd master" 
since they don't do any good, and aren't needed anyway.)

The back-ldap consumer would be set up something like:

database    ldap
suffix      "dc=example,dc=com"
rootdn      "cn=Whoever"
uri     ldap://localhost:9013/     <---- URL of external replica

acl-bind    bindmethod=simple
        binddn="cn=Monitor"        <---- updatedn of external replica
        credentials=monitor        <---- password for updatedn

# the usual consumer config...
syncrepl    rid=1
        provider=ldap://localhost:9011/
        binddn="cn=Manager,dc=example,dc=com"
        bindmethod=simple
        credentials=secret
        searchbase="dc=example,dc=com"
        filter="(objectClass=*)"
        schemachecking=off
        scope=sub
        type=refreshOnly
        interval=00:00:00:10
        retry="5 5 300 5"


--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP     http://www.openldap.org/project/