
Syncrepl Multi-Master with multiple BDB backends



I have two servers I'd like to set up for MMR. I have several BDB backends that I would like to replicate. My question is: do I need to create a "replicate" user for each BDB backend, as well as a syncrepl statement under each BDB definition and an ACL to allow the sync user to read each BDB? Consider the slapd configuration below. Or is it possible to just set up one user with read access to all of my BDB backends and then set up just one syncrepl statement?

# Server IDs for multi-master replication, one per participating server.
# With a URL given, a slapd instance takes the ID whose URL matches one of its
# own listener URLs, so both servers can share this file. slapd.conf(5)
# recommends fully qualified host names in these URLs.
serverID        1       ldap://txeduds1
serverID        2       ldap://txeduds2

# Replicated backend holding the dc=il,dc=edu,dc=com tree.
database bdb
suffix "dc=il,dc=edu,dc=com"
rootdn "cn=LDAPAdmin,dc=il,dc=edu,dc=com"
# Redacted in the post. rootpw accepts a slappasswd-generated hash; prefer that
# to a cleartext value and keep this file readable only by the slapd account.
rootpw  xxxx
directory /var/lib/ldap/ldap.edu.il
monitoring off

# Consumer side of replication for this backend.
# NOTE(review): rid identifies a syncrepl directive and is expected to be
# unique within one slapd instance; every database section in this file uses
# rid=001.
# NOTE(review): bindmethod=simple over ldap:// with starttls=no sends the bind
# DN, its password and every replicated attribute (attrs="*,+") unencrypted.
# starttls=critical with tls_reqcert=demand and a tls_cacert would protect the
# link; tls_reqcert=never skips verification of the provider's certificate.
# NOTE(review): only txeduds1 is named as provider; a stanza pulling from
# txeduds2 is presumably needed for two-way replication - confirm.
syncrepl rid=001
        provider=ldap://txeduds1:389
        type=refreshAndPersist
        retry="60 10 300 +"
        searchbase="dc=il,dc=edu,dc=com"
        attrs="*,+"
        schemachecking=off
        bindmethod=simple
        starttls=no
        tls_reqcert=never
        binddn="cn=ilreplicator,ou=ilservice,dc=il,dc=edu,dc=com"
        credentials=xxxx

##Syncrepl
# Provider side: the syncprov overlay lets other servers replicate from this
# backend. Checkpoint the contextCSN every 100 operations or 10 minutes and
# keep a session log of 100 operations.
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

# Accept client writes on this server although it is also a syncrepl consumer.
mirrormode on


# Lift search time and size limits for the replication identity so that a
# refresh of the whole tree is not truncated.
limits dn.exact="cn=ilreplicator,ou=ilservice,dc=il,dc=edu,dc=com" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited

####################################################################################

####################################################################################


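# Password attribute ACL. Placed here, it still belongs to the preceding
# "database" section (dc=il,dc=edu,dc=com).
# NOTE(review): the DN granted read is the nj replicator, not
# cn=ilreplicator,ou=ilservice,dc=il,dc=edu,dc=com, which this database's
# syncrepl stanza binds as - confirm which identity was intended.
# Read access to userpassword exposes every stored password value to this
# identity, so its credential needs the same protection as the rootdn's.
# Everyone else may only authenticate (anonymous auth) or change their own
# password (self write).
access to attrs=userpassword
        by dn.base="cn=njreplicator,ou=njservice,dc=nj,dc=edu,dc=com" read
        by self write
        by anonymous auth
        by * none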




# Replicated backend holding the dc=nj,dc=edu,dc=com tree.
database bdb
suffix "dc=nj,dc=edu,dc=com"
rootdn "cn=LDAPAdmin,dc=nj,dc=edu,dc=com"
# Redacted in the post. rootpw accepts a slappasswd-generated hash; prefer that
# to a cleartext value and keep this file readable only by the slapd account.
rootpw  xxxx
directory /var/lib/ldap/ldap.edu.nj
monitoring off

# Consumer side of replication for this backend.
# NOTE(review): rid=001 is also used by the other database sections in this
# file; rid is expected to be unique within one slapd instance.
# NOTE(review): simple bind over ldap:// with starttls=no carries the
# replicator password and all replicated attributes unencrypted, and
# tls_reqcert=never skips verification of the provider's certificate.
# starttls=critical with tls_reqcert=demand and a tls_cacert would close both
# gaps.
syncrepl rid=001
        provider=ldap://txeduds1:389
        type=refreshAndPersist
        retry="60 10 300 +"
        searchbase="dc=nj,dc=edu,dc=com"
        attrs="*,+"
        schemachecking=off
        bindmethod=simple
        starttls=no
        tls_reqcert=never
        binddn="cn=njreplicator,ou=njservice,dc=nj,dc=edu,dc=com"
        credentials=xxx

##Syncrepl
# Provider side: the syncprov overlay lets other servers replicate from this
# backend.
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

# Accept client writes on this server although it is also a syncrepl consumer.
mirrormode on


# No search time or size limits for the replication identity.
limits dn.exact="cn=njreplicator,ou=njservice,dc=nj,dc=edu,dc=com" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited

####################################################################################

####################################################################################


# Password attribute ACL. Placed here, it still belongs to the preceding
# "database" section (dc=nj,dc=edu,dc=com).
# NOTE(review): the DN granted read is the ga replicator, not
# cn=njreplicator,ou=njservice,dc=nj,dc=edu,dc=com, which this database's
# syncrepl stanza binds as - confirm which identity was intended.
# Whoever holds this identity's credential can read every stored password
# value in the database, so treat it like the rootdn credential.
access to attrs=userpassword
        by dn.base="cn=gareplicator,ou=gaservice,dc=ga,dc=edu,dc=com" read
        by self write
        by anonymous auth
        by * none




# Replicated backend holding the dc=ga,dc=edu,dc=com tree.
# NOTE(review): no access or limits directives follow this section in the
# part of the file shown, unlike the two sections before it - confirm whether
# that is intended.
database bdb
suffix "dc=ga,dc=edu,dc=com"
rootdn "cn=LDAPAdmin,dc=ga,dc=edu,dc=com"
# Redacted in the post. rootpw accepts a slappasswd-generated hash; prefer that
# to a cleartext value and keep this file readable only by the slapd account.
rootpw  xxx
directory /var/lib/ldap/ldap.edu.ga


# Consumer side of replication for this backend.
# NOTE(review): rid=001 is also used by the other database sections in this
# file; rid is expected to be unique within one slapd instance.
# NOTE(review): simple bind over ldap:// with starttls=no carries the
# replicator password and all replicated attributes unencrypted, and
# tls_reqcert=never skips verification of the provider's certificate.
# starttls=critical with tls_reqcert=demand and a tls_cacert would close both
# gaps.
syncrepl rid=001
        provider=ldap://txeduds1:389
        type=refreshAndPersist
        retry="60 10 300 +"
        searchbase="dc=ga,dc=edu,dc=com"
        attrs="*,+"
        schemachecking=off
        bindmethod=simple
        starttls=no
        tls_reqcert=never
        binddn="cn=gareplicator,ou=gaservice,dc=ga,dc=edu,dc=com"
        credentials=xxx

##Syncrepl
# Provider side: the syncprov overlay lets other servers replicate from this
# backend.
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

# Accept client writes on this server although it is also a syncrepl consumer.
mirrormode on