[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: replication from child to Parent domain



Hi,

On 18/08/2010 08:48, owen nirvana wrote:
parent is customer
"""
suffix "dc=SCNCA,dc=ROOTCA"
rootdn "cn=admin,dc=SCNCA,dc=ROOTCA"
rootpw        secret

checkpoint      512 30

overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

ServerID 000

syncrepl rid=001
         provider=ldap://${SON_LDAP_ADDRESS}:${SON_LDAP_PORT}
         type=refreshOnly
# five minutes, you should do syncrepl once a day in practice
         interval=00:01:00:00
         searchbase="${SON_BASE}"
         filter="(objectClass=*)"
         scope=sub
         schemachecking=off
         bindmethod=simple
         binddn="${SON_ADMIN}"
         credentials=${SON_PASSWD}
         retry="5 5 300 +"

mirrormode on

"""

son is provider
"""
suffix "dc=sonCA,dc=SCNCA,dc=ROOTCA"
rootdn "cn=admin,dc=sonCA,dc=SCNCA,dc=ROOTCA"
rootpw        secret

checkpoint      512 30

overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

ServerID 001
"""

Syncrepl does support replicating partial trees.

I think your above configuration could work, but it will be misinterpreted as is: the comment in the middle is going to "comment out" all other components.

The syntax with new lines beginning with a space is just to ease configuration. Upon reading, all lines will be folded into one, like:
syncrepl rid=001 provider=ldap://${SON_LDAP_ADDRESS}:${SON_LDAP_PORT} type=refreshOnly # five minutes, you should do syncrepl once a day in practice interval=00:01:00:00 etc

As you can see, all params after the comment will be ignored.

Jonathan


--
--------------------------------------------------------------
Jonathan Clarke - jonathan@phillipoux.net
--------------------------------------------------------------
Ldap Synchronization Connector (LSC) - http://lsc-project.org
--------------------------------------------------------------