[Date Prev][Date Next] [Chronological] [Thread] [Top]

Some questions about replication via slurpd

Hi all !

I'm trying to setup a mirror of our LDAP directory throuh slurpd.

For now, without success :-(
Following the OpenLDAP admin guide chapter 13, all seems OK.
But changes aren't replicated to the slave, no .rej files are generated and I couldn't find clue of config errors in the logs.

1. What's the required ACLs for the updatedn ?
On the master, I set up :
M> access to *
M> by dn="cn=ldapreplicator,o=MyO" read

On the slave, I set up :
S> access to *
S> by dn="cn=ldapreplicator,o=MyO" write

as "rootdn can always write" I didn't set up any ACLs for it

2. In the replica directive (on the slave), can the credentials be supplied in an slappasswd encrypted form (like {SSHA}aBcD(...) ) or must it be supplied plaintext ?

3. On the slave, is the referal directive mandatory even if we don't want to allow ldapmodify from user connected on the slave ?

4. what's the purpose of /var/openldap-slurp/replica/slurpd.status ?

I'm running openldap-2.1.21 with default configure options.

On the master, the replica directive is set up as follow :
M> replica  host="lpapmaster:389"
M>  binddn="cn=ldapreplicator,o=MyO"
M>  bindmethod=simple   credentials=plaintextpassord

On the slave,
S> updatedn "cn=ldapreplicator,o=MyO"
S> updateref "ldap://ldapmaster:389";

Of course "cn=ldapreplicator,o=MyO" has been added into the directory

Thanks for help in advance, regards,