cn=config replication to consumer / slave servers

I have a pair of mirror mode master servers that I would like to be able to provide cn=config replication to a series of slave servers, primarily to keep ACLs in sync across servers.

I've tried syncrepl to the cn=config of the primary servers, trying to exclude certain objects and attributes to prevent the slave from also taking the syncprov role. This did not seem to work well enough, as I was unable to prevent some unwanted entry or another from making its way through and overwriting the syncrepl line itself.

Alternately, I tried to set up a separate database cn=config_slave and have that syncrepl to the slave into cn=config... but that creates a naming mismatch.

Is there an approved practice to achieve this, or some other pointers on avenues to explore?