[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
N-Way Multi-Master
***NOTE: Btw, I can't get to the openldap.org site, this morning. Receiving a "Bad Response"
Anyway, setting up (or attempting) an N-way Multi-Master (in the end will be 3-way Multi-Master -- the below is only a 2-Way). Been reading the man pages, and the procedure(s) in section 18.3.3 in the "24 Admin Guide", etc.
Currently, have two servers (going to build one more) to play with.
(1)
[root@<client_of_server2> openldap]# ldapsearch -W -x -H "ldap://<server2>.example.ldap" -ZZ -v -D cn=admin,cn=config -b cn=config olcOverlay={0}syncprov
ldap_initialize( ldap://<server2>.example.ldap )
Enter LDAP Password:
filter: olcOverlay={0}syncprov
requesting: All userApplication attributes
# extended LDIF
#
# LDAPv3
# base <cn=config> with scope subtree
# filter: olcOverlay={0}syncprov
# requesting: ALL
#
# {0}syncprov, {0}config, config
dn: olcOverlay={0}syncprov,olcDatabase={0}config,cn=config
objectClass: olcOverlayConfig
objectClass: olcConfig
objectClass: top
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
(2)
[root@<server1> openldap]# ldapsearch -W -x -H "ldap://<server1>.example.ldap" -ZZ -v -D cn=admin,cn=config -b cn=config olcOverlay=syncprov
ldap_initialize( ldap://<server1>.example.ldap )
Enter LDAP Password:
filter: olcOverlay=syncprov
requesting: All userApplication attributes
# extended LDIF
#
# LDAPv3
# base <cn=config> with scope subtree
# filter: olcOverlay=syncprov
# requesting: ALL
#
# {0}syncprov, {0}config, config
dn: olcOverlay={0}syncprov,olcDatabase={0}config,cn=config
objectClass: olcOverlayConfig
objectClass: olcConfig
objectClass: top
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
(3)
[root@<server1> openldap]# ldapsearch -W -x -H "ldap://<server1>.example.ldap" -ZZ -v -D cn=admin,cn=config -b cn=config olcDatabase=config
ldap_initialize( ldap://<server1>.example.ldap )
Enter LDAP Password:
filter: olcDatabase=config
requesting: All userApplication attributes
# extended LDIF
#
# LDAPv3
# base <cn=config> with scope subtree
# filter: olcDatabase=config
# requesting: ALL
#
# {0}config, config
dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: {0}to * by * none
olcAddContentAcl: TRUE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=admin,cn=config
olcRootPW: {SSHA}****
olcSyncUseSubentry: FALSE
olcMonitoring: FALSE
olcSyncrepl: {0}rid=001 provider=ldap://<server1>.example.ldap binddn="cn=co
nfig" bindmethod=simple credentials=<password> searchbase="cn=config" type=r
efreshAndPersist retry="5 5 300 5" timeout=1
When I attempted to add the olcSyncrepl attribute, I added two "rids" but, somehow it only took one. Now, I can't add a second, nor can I delete the rid=001. With the configuration as it stands, I know it is in a loop.
Attempt to add the second rid, again:
#Add_LDIF:
dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcSyncrepl
olcSyncreple: {1}rid=002 provider://<server2>.example.ldap binddn="cn=config" bindmethod=simple credentials=<password> searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1
I receive the following error: LDAP error code 53: shadow context; no update referral
If I attempt to add an olcUpdateRef, the following error appears:
"must appear after syncrepl or updatedn"
Even if, what appears to me, I add it after the syncrepl attribute. This is a test configuration...so, back-tracking is not a problem. Just would like to know if the Admin Guide missed a few steps and/or I did and where.
Again, right now, the openldap.org site cannot be reached...so, I can't review the manual to see what I may have missed.
Thanks in advance;
Dave Borresen
MIT Lincoln Lab