[Date Prev][Date Next]
On Thu, Apr 08, 2004 at 08:49:24AM +0200, Ottavio Campana wrote:
> you're looking for a multimaster system. Some weeks ago I just posted to
> this list to know has this feature is supported by openldap but noone
> said me anything.
> Is there anyone who can tell something about it?
It's available, but I believe it's unsupported. It's appallingly badly
documented. :-) I'm using it with version 2.1.29 in combination with
Linux-HA and it works well.
In a nutshell, you need to do:
./configure [...usual options here...] --enable-multimaster --enable-slapd
and then edit include/portable.h, changing /* #undef SLAPD_MULTIMASTER */
into #define SLAPD_MULTIMASTER (hmm, --enable-multimaster should do
that, grr). Then make depend && make && make install as usual.
This is what I have in one machine's slapd.conf:
# Where to store the replica logs.
# this is the DN presented by the other machine when it replicates
# we refer updates to ourselves
# the replica is on the other machine
# so we bind with our name
That's mirrored on the other machine, swapping ldapsrv1<->ldapsrv2
throughout. You need entries in your directory so the replication
connections can authenticate. You'll also need an ACL to allow
replication to write to the directory; something like this:
access to *
by dn="cn=admin,dc=sanger,dc=ac,dc=uk" write
by dn="cn=ldapsrv2,ou=pseudoaccounts,dc=sanger,dc=ac,dc=uk" write
by * none break
I think that's about it. Any other questions, just ask. Similarly, if
anyone notices a glaring error I've made, please say -- but like I say,
this works for me.
** Dave Holland ** Systems Support - Special Projects Team **
** 01223 834244 ** Sanger Institute, Hinxton, Cambridge, UK **
"Good, Fast, Cheap: pick any two."