[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Proxying data for syncrepl



Because syncrepl depends heavily on entryUUID and entryCSN that are not
provided by domino?

Bonnie.Oostenbrug@indaal.de ha scritto:
> 
> Maybe I didn't pose the question very well.
> My Proxy Server is configured as a Syncrepl provider. The only
> difference to a "standard" Syncrepl Configuration is that the data isn't
> held local on the provider in a database but in a "database ldap".
> And this configuration does work.
> 
> That means:
> Syncrepl should take place between my consumer and the provider (which
> is itself configured as a proxy). The ldap-server which is working as
> the database backend of my proxy shouldn't need to understand anything
> about syncrepl. Correct? If yes - why does an OpenLDAP running as
> backend work but another ldap server (domino) doesn't?
> 
> I've included the 3 relevant slapd.conf files.I would really appreciate
> some additional input. It's frustrating because it does work...
> as long as vm04 is an openldap server and not domino. But from
> everything I've read, and from my tests, I don't understand why it
> matters what is behind vm04? It's just an ldap server.
> 
> Thank you very much for your support.
> Kind Regards
> Bonnie
> 
> ####################################
> Consumer Configuration (vm01.indaal.de)
> ####################################
> database        bdb
> suffix          "o=four"
> rootdn          "cn=Manager,o=one"
> directory       /var/lib/ldap/four
> lastmod         on
> index           default pres,eq
> index           entryCSN pres,eq
> syncrepl        rid=001
>         provider=ldap://vm03.indaal.de/
>         type=refreshAndPersist
>         interval=00:00:01:00
>         retry="5 5 300 +"
>         searchbase="o=four"
>         schemachecking=off
>         bindmethod=simple
>         binddn="cn=Manager,o=four"
>         credentials=secret
> 
> ###################################################
> Syncrepl Provider Configuration (vm03.indaal.de / the proxy)
> ###################################################
> database        ldap
> suffix          "o=four"
> rootdn          "cn=Manager,o=three"
> uri             ldap://vm04.indaal.de/
> acl-bind        binddn="cn=Manager,o=four" bindmethod=simple
> credentials=secret
> lastmod         on
> overlay syncprov
> 
> ######################################
> Standard Directory Server (vm04.indaal.de)
> ######################################
> database        bdb
> suffix          "o=four"
> checkpoint      1024    5
> cachesize       10000
> rootdn          "cn=Manager,o=four"
> rootpw          secret
> directory       /var/lib/ldap
> index   objectClass                     eq,pres
> index   ou,cn,mail,sn                   eq,pres,sub
> index   uidNumber                       eq,pres
> index   entryUUID,entryCSN              eq
> 
> 
> Bonnie Oostenbrug
> 
> Indaal Information Management GmbH
> Königstrasse 257
> D-47798 Krefeld
> Tel: + 49 (0)2151 - 60748 16
> Fax: +49 (0)2151 - 60748 10
> 
> bonnie.oostenbrug@indaal.de
> http://www.indaal.de
> 
> 
> *Gavin Henry <ghenry@suretecsystems.com>*
> Sent by:
> openldap-technical-bounces+bonnie.oostenbrug=indaal.de@OpenLDAP.org
> 
> 18.08.2008 16:15
> 
> 	
> To
> 	Bonnie Oostenbrug <Bonnie.Oostenbrug@indaal.de>
> cc
> 	openldap-technical@openldap.org
> Subject
> 	Re: Proxying data for syncrepl
> 
> 
> 	
> 
> 
> 
> 
> 
> 
> ----- "Bonnie Oostenbrug" <Bonnie.Oostenbrug@indaal.de> wrote:
> 
>> Hi,
>>
>> I am trying to set up the following configuration. Unfortunately,
>> without much luck so far.
>>
>> 1. A Directory Server capable of LDAP e.g. LotusDomino, OpenLDAP, AD,
>> etc....
>> (This Server isn't/can't be specially configured for replication. I
>> can only ensure that the schema is correct. That is the whole point of
>> my undertaking - because Lotus Domino/AD support it.
> 
> They support their own kind of replication, which is normally already
> configured,
> hence why it appears you don't need to enable anything.
> 
>> 2. OpenLDAP configured as Proxy with a database of type LDAP with
>> overlay syncprov configured and a uri that points to my Directory
>> Server
> 
> This won't work. Read more about how Syncrepl works at:
> 
> http://www.openldap.org/doc/admin24/replication.html#LDAP%20Sync%20Replication
> 
> You can only use Syncrepl against a Syncrepl provider.
> 
>> 3. A Consumer with a database of type BDB configured for syncrepl with
>> my proxy as provider
>>
>> The whole idea is to be able to use this setup to incorporate
>> information from diverse legacy directory servers and get it into a
>> manageable standard OpenLDAP Directory. Without exports etc. I need to
>> have the data replicated down local to my consumer due to Network
>> restrictions.
>> I want to be able to point my Proxy at 3 different Directory Servers
>> and replicate this content down to a single consumer.
>>
>> If I set up the configuration using an OpenLDAP Server as my Directory
>> Server it works. (more or less*)
>> But when I change the proxy to point to e.g. Lotus Domino as my
>> Directory Server I get the error "got empty SyncUUID with
>> LDAP_SYNC_ADD" and the content doesn't replicate down from the
>> Directory Server. Although I see activity on my proxy - he queries my
>> Directory Server.
>>
>> Did I bite off to much for a newbie or am I missing something
>> obvious??
>>
>> Thanks for ideas in which direction I need to be looking!
>> Bonnie
> 
> Also search the mailing list archives for numerous discussion of Active
> Directory
> replication with OpenLDAP.
> 
> Thanks,
> 
> Gavin.
> 
> -- 
> Kind Regards,
> 
> Gavin Henry.
> 
> T +44 (0) 1224 279484
> M +44 (0) 7930 323266
> F +44 (0) 1224 824887
> E ghenry@suretecsystems.com
> 
> Open Source. Open Solutions(tm).
> 
> http://www.suretecsystems.com/
> 



Ing. Luca Scamoni
Responsabile Ricerca e Sviluppo

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office:  +39 0382 573859 (137)
Mobile:  +39 347 1014425
Fax:     +39 0382 476497
Email:   luca.scamoni@sys-net.it
-----------------------------------