
Re: OpenLDAP 2.4.11 + Syncrepl + RWM



What are your logs saying? Loglevel sync and stats. Oh, and use the
latest 2.4 since you're at the testing/dev stage of your project.

Gavin.

On 23/12/2008, Alan Evans <alanwevans@gmail.com> wrote:
> I am using OpenLDAP 2.4.11 with all overlays and all backends compiled.  My
> company is in the middle of rebuilding our LDAP environment and we would
> like to use OpenLDAP + Syncrepl + RWM to neatly move objects into their new
> places within the DIT.
>
> Our old DIT looks like:
>
> ou=people,dc=company,dc=com
>   uid=abc_jsmith
>   uid=abc_jdoe
>   uid=xyz_hsmith
>   uid=xyz_dsmith
>
> Our new DIT looks like:
>
> ou=users,o=abc,dc=company,dc=com
>   uid=abc_jsmith
>   uid=abc_jdoe
> ou=users,o=xyz,dc=company,dc=com
>   uid=xyz_hsmith
>   uid=xyz_dsmith
>
> There are about 3100 objects in the ou=people container and we have several
> hundred clients to the current ldap setup so we will not be able to migrate
> all in one night.
>
> We are setting the new DIT/servers up in parallel to the old and would like
> to use syncrepl on the new servers to pull in objects from the old DIT and
> use syncrepl to find their new place in the tree.  At the moment we are
> testing this setup in a lab environment so I am using another backend to
> represent the old DIT.
>
> Here's what my config looks like:
>
> ... snip ...
> database ldif
> suffix ou=people,dc=company,dc=com
> directory /var/lib/ldap/people
> rootdn "cn=Manager,ou=people,dc=company,dc=com"
> rootpw *******
>
> overlay rwm
> rwm-rewriteEngine on
> rwm-rewriteContext default
> rwm-rewriteRule "(uid=abc_.+),ou=people,dc=company,dc=com$" "$1,ou=users,o=abc,dc=company,dc=com"
>
> database        bdb
> suffix          "dc=company,dc=com"
> rootdn          "cn=Manager,dc=company,dc=com"
> rootpw                  ********
>
> syncrepl rid=002
>         provider=ldap://localhost/
>         bindmethod=simple
>         binddn="cn=Manager,dc=company,dc=com"
>         credentials=********
>         searchbase="ou=people,dc=company,dc=com"
>         schemachecking=off
>         type=refreshOnly
>         starttls=yes
>         tls_reqcert=allow
>         retry="60 +"
> ... snip ...
>
> The ldif backend works as expected, if I do:
> ldapsearch -x uid=abc_\* -b ou=people,dc=company,dc=com
>
> I get nicely translated DNs and if I save the output to a file and ldap add
> it to the new DIT I get users where they belong.
>
> But, I am not getting synchronization.  I know I am missing something,
> probably more RWM rules.  Maybe instead of doing the rewrites on the 'old'
> backend I should be doing them on the 'new' backend as the data comes into
> syncrepl?
>
> I am also thinking that the searchbase in the syncrepl clause is part of the
> problem, I am telling it to sync ou=people and it's getting ou=users,o=abc
> back so it should probably ignore them, correct?
>
> Can anyone steer me in the right direction?
>

-- 
Sent from my mobile device

http://www.suretecsystems.com/services/openldap/
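
An added example, not part of the original thread: a Python model of the posted rwm-rewriteRule applied to the four sample DNs from the old DIT, reporting whether each rewritten DN still falls under the syncrepl searchbase and under the new database suffix. Python's `re` stands in for slapd's rewrite engine, `GENERAL_RULE` is a hypothetical rule that does not come from the post, and the DN comparison is a simple string model that ignores escaped commas.

```python
import re

# The rule from the posted slapd.conf (pattern, substitution), as written there.
POSTED_RULE = (r"(uid=abc_.+),ou=people,dc=company,dc=com$",
               "$1,ou=users,o=abc,dc=company,dc=com")
# Hypothetical generalisation (not from the thread): capture the prefix as $2.
GENERAL_RULE = (r"(uid=([a-z]+)_.+),ou=people,dc=company,dc=com$",
                "$1,ou=users,o=$2,dc=company,dc=com")
SEARCHBASE = "ou=people,dc=company,dc=com"   # syncrepl searchbase in the post
NEW_SUFFIX = "dc=company,dc=com"             # suffix of the bdb database

# Constructed sample DNs built from the old DIT listed in the post.
OLD_DNS = [f"uid={u},ou=people,dc=company,dc=com"
           for u in ("abc_jsmith", "abc_jdoe", "xyz_hsmith", "xyz_dsmith")]


def rewrite_dn(dn, rule):
    """Apply one rewrite rule; an unmatched DN is returned unchanged."""
    pattern, subst = rule
    py_subst = re.sub(r"\$(\d)", r"\\\1", subst)   # $1 -> \1 for Python's re
    return re.sub(pattern, py_subst, dn, count=1, flags=re.IGNORECASE)


def is_under(dn, base):
    """True if dn equals base or is a descendant of it (string model only)."""
    d = [p.strip().lower() for p in dn.split(",")]
    b = [p.strip().lower() for p in base.split(",")]
    return len(d) >= len(b) and d[-len(b):] == b


def report(rule):
    """Return (old DN, rewritten DN, under searchbase?, under new suffix?)."""
    rows = []
    for dn in OLD_DNS:
        new = rewrite_dn(dn, rule)
        rows.append((dn, new, is_under(new, SEARCHBASE),
                     is_under(new, NEW_SUFFIX)))
    return rows


if __name__ == "__main__":
    for name, rule in (("posted", POSTED_RULE), ("general", GENERAL_RULE)):
        for old, new, in_base, in_suffix in report(rule):
            print(f"{name:8} {new:50} searchbase={in_base} suffix={in_suffix}")
```

With the posted rule only the `abc_` entries are rewritten; they leave `ou=people` while the `xyz_` entries stay under it.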