
replicating subtrees



I'm having a little difficulty.  Let me describe what works, and then
what I want (and what's not working).

Works:
Master        ldap.domain.com
Slave1        samba.domain.com
Slave2        webmail.domain.com
If I set up the master server to replicate everything out to both slaves,
no problems.

What I Want:
Obviously, I don't want to put a bunch of Windows password information
out at the webmail site.  So I configured a couple of ou's:
  ou=samba,o=top
  ou=system,o=top
Now I want to replicate only the samba subtree out to the samba ldap
server and the system subtree out to the webmail ldap server.  I should
be able to do it, but I've not found the right combination yet.  I'm
working with simple auth for right now because plain text allows me to
see what I'm sending over the wire.  I'm also working on test machines.
Here's what seems like I should have (but it doesn't work).  Please 
suggest modifications to make it do what I want:

  Master slapd.conf replication:
replogfile      /var/log/ldap/replicate.log
replica         host=samba.domain.com
                binddn="cn=Manager,o=top"
                bindmethod=simple
                credentials=secret
                suffix="ou=samba,o=top"
replica         host=webmail.domain.com:50389
                binddn="cn=Manager,o=top"
                bindmethod=simple
                credentials=secret
                suffix="ou=system,o=top"
  For each of the slave servers: 
updatedn        "cn=Manager,o=top"
referral        ldap://ldap.domain.com

On the slaves, I tried setting the database suffix to both o=top and 
ou=samba,o=top|ou=system,o=top.  o=top didn't work at all.  The other 
two created a dn2id.dbb file on the slaves but didn't create anything 
in it (and of course no indexes).

The samba users will exist as uid=username,ou=People,ou=samba,o=top and
the webmail users will exist as uid=username,ou=People,ou=system,o=top.
The webmail site will NOT generate a referral to any other servers
because it will be configured to not generate any searches for ou=samba,
and the same applies for the samba site configuration.

I'm in the process of starting slapd in debug mode so I can see what's
going on, but so far, no dice.  I saw several references to replication
in the archives, but I've not found any messages yet that deal with
replicating subtrees (and very little is mentioned in the
Administrator's guide, only that it can be done).

I have more goals, but I don't want to complicate the view here.  I just
want to get subtree replication working first, then work on the next
step.

Anything glaringly wrong?
-- 
Blue skies...		Todd
| Get a bigger hammer!   |  Are you feeling lucky...punk?         |
| http://www.mrball.net  |  I've had better days...               |
| http://faq.mrball.net  |  It's the end of the world as we know i|
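
Added example (not part of the original post, and not OpenLDAP code): a small Python check that parses the `replica` directives of a master slapd.conf and reports, per slave, whether the configured `suffix=` would let a subtree reach a host that must not hold it, and whether the bind is a cleartext simple bind. The sample stanza is an abridged copy of the one posted above; `parse_replicas`, `dn_within`, `audit` and the `restricted` policy map are hypothetical names chosen for this illustration.

```python
import shlex

# Constructed sample: the master stanza from the post, abridged (binddn/credentials dropped).
SAMPLE = """\
replogfile      /var/log/ldap/replicate.log
replica         host=samba.domain.com
                bindmethod=simple
                suffix="ou=samba,o=top"
replica         host=webmail.domain.com:50389
                bindmethod=simple
                suffix="ou=system,o=top"
"""

def parse_replicas(conf_text):
    """One dict (key -> list of values) per 'replica' directive; indented lines continue it."""
    logical = []
    for raw in conf_text.splitlines():
        if raw[:1].isspace() and raw.strip() and logical:
            logical[-1] += " " + raw.strip()
        elif raw.strip() and not raw.startswith("#"):
            logical.append(raw.strip())
    replicas = []
    for tokens in map(shlex.split, logical):
        if tokens[0].lower() != "replica":
            continue
        rep = {}
        for key, _, value in (t.partition("=") for t in tokens[1:]):
            rep.setdefault(key.lower(), []).append(value)
        replicas.append(rep)
    return replicas

def dn_within(dn, base):  # True if dn equals base or sits below it (no full DN normalization)
    dn, base = (x.lower().replace(" ", "") for x in (dn, base))
    return dn == base or dn.endswith("," + base)

def audit(replicas, restricted):
    """restricted: hypothetical policy map, host -> subtree that must never reach that host."""
    findings = []
    for rep in replicas:
        host = rep.get("host", ["?"])[0].split(":")[0]
        banned = restricted.get(host)
        if "suffix" not in rep:
            findings.append((host, "no suffix=, whole database replicated"))
        for sfx in rep.get("suffix", []):
            if banned and (dn_within(banned, sfx) or dn_within(sfx, banned)):
                findings.append((host, f"suffix {sfx} exposes {banned}"))
        if "simple" in rep.get("bindmethod", []):
            findings.append((host, "simple bind sends credentials in cleartext unless the link is encrypted"))
    return findings
```

Calling `audit(parse_replicas(SAMPLE), {"webmail.domain.com": "ou=samba,o=top"})` on the stanza above reports only the two simple-bind findings; widening the webmail replica's suffix to `o=top`, or omitting it, produces an exposure finding for that host.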