A page in your DokuWiki was added or changed. Here are the details:

Date        : 2010/09/23 16:30
Browser     : Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/534.3 (KHTML, 
like Gecko) Ubuntu/10.04 Chromium/6.0.472.62 Chrome/6.0.472.62 Safari/534.3
IP-Address  : 109.197.176.10
Hostname    : gw-puteaux.linagora.com
Old Revision: none
New Revision: http://ltb-project.org/wiki/documentation/openldap-mmr
Edit Summary: create openldap mmr tools page
User        : tchemineau

====== OpenLDAP MMR Tools ======

===== Presentation =====

These tools are designed to help system administrators deploy a multimaster 
cluster with OpenLDAP 2.4.

===== Installation =====

===== Configuration =====

Edit the configuration file (openldap-mmr.conf) to fit your installation.

| //Parameter// | //Description// |
|LDAP_MIGRATE_IP|OpenLDAP 2.3 server to migrate data from|
|LDAP_MIGRATE_TLS|Whether the migration replication link uses TLS|
|LDAP_PROVIDER_IP|Main default provider IP|
|LDAP_USERNAME|System user that owns the OpenLDAP database and configuration files|
|LDAP_GROUPNAME|System group that owns the OpenLDAP database and configuration files|
|LDAP_TLS|Use TLS|
|LDAP_TLS_REQCERT|Verify certificate|
|OPENLDAP_INSTALL_DIR|Where OpenLDAP is installed|
|OPENLDAP_DATA_DIR|Main OpenLDAP database directory|
|OPENLDAP_DBLOG_DIR|Main BerkeleyDB log directory|
|OPENLDAP_PASSWD_SCHEME|Scheme to hash generated passwords|
|BOOTSTRAP_PROVIDER|Bootstrap file for first provider|
|BOOTSTRAP_NODE|Bootstrap file for nodes|

Then take care of a few prerequisites, such as the following:
  * Create all missing directories on the system;
  * Allowed directories should be owned by the appropriate user/group.
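
The two prerequisites above can be checked before running the scripts. This is an added example, not part of the LTB tools: it assumes openldap-mmr.conf holds KEY=value lines, it picks OPENLDAP_DATA_DIR and OPENLDAP_DBLOG_DIR as the directories to check, and the function names are hypothetical. It goes one step beyond the list by also flagging world-writable directories.

```shell
#!/bin/sh
# Added example (not part of the LTB tools): pre-flight check of the
# directories named in openldap-mmr.conf before running mmr-initprov/mmr-addnode.
# Assumption: the file holds KEY=value or KEY="value" lines.

# Print the value of KEY ($2) from FILE ($1) without sourcing the file.
conf_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 |
        sed 's/[[:space:]]*$//; s/^"\(.*\)"$/\1/'
}

# Check one directory ($1) against owner ($2) and group ($3).
# Prints one finding per problem; returns non-zero if any was found.
check_dir() {
    d=$1; u=$2; g=$3; rc=0
    if [ ! -d "$d" ]; then
        echo "MISSING $d"
        return 1
    fi
    [ -n "$(find "$d" -prune -user "$u" -print 2>/dev/null)" ] ||
        { echo "OWNER $d (expected $u)"; rc=1; }
    [ -n "$(find "$d" -prune -group "$g" -print 2>/dev/null)" ] ||
        { echo "GROUP $d (expected $g)"; rc=1; }
    # Extra check beyond the page's list: nobody else may write here.
    [ -z "$(find "$d" -prune -perm -0002 -print)" ] ||
        { echo "WORLD-WRITABLE $d"; rc=1; }
    return "$rc"
}

# Check the database and BerkeleyDB log directories from config file $1.
mmr_preflight() {
    conf=$1; status=0
    user=$(conf_get "$conf" LDAP_USERNAME)
    group=$(conf_get "$conf" LDAP_GROUPNAME)
    if [ -z "$user" ] || [ -z "$group" ]; then
        echo "UNSET LDAP_USERNAME or LDAP_GROUPNAME"
        return 1
    fi
    for key in OPENLDAP_DATA_DIR OPENLDAP_DBLOG_DIR; do
        dir=$(conf_get "$conf" "$key")
        if [ -z "$dir" ]; then echo "UNSET $key"; status=1; continue; fi
        check_dir "$dir" "$user" "$group" || status=1
    done
    return "$status"
}

# Run against a config file when one is given on the command line.
if [ "$#" -gt 0 ]; then mmr_preflight "$1"; fi
```

An empty output with exit status 0 means both directories exist, belong to the configured user and group, and are not world-writable.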

===== Usage =====

==== Initialize the first provider ====

Then, choose a server. It will be used as the first provider. Type the 
following command and follow the instructions:

<code>./mmr-initprov</code>

It will ask you:
  * The local IP to use for this first provider;
  * The new password for the cn=config backend.

Once you have answered all the questions, it will:
  * Create a bootstrap file for your provider installation;
  * Replace all variables in this bootstrap file;
  * Create the slapd.d directory, which will store files for cn=config;
  * Fix rights on a few directories (databases, etc.).

==== Initialize other provider(s) (called nodes) ====

On a provider (not the first one), type the following command and follow the 
instructions:

<code>./mmr-addnode</code>

It will ask you:
  * The local IP to use for this new node;
  * The remote IP to use to connect to the first provider;
  * The password for the cn=config backend;
  * The serverID for this node (automatically calculated from the provider).

Once you have answered all the questions, it will:
  * Create a simple bootstrap file for your node installation;
  * Replace all variables in this bootstrap file;
  * Create the slapd.d directory, which will store files for cn=config;
  * Fix rights on a few directories (databases, etc.).

When you run your OpenLDAP server, replication should work and all 
configuration should be synchronized. I recommend stopping your OpenLDAP 
server once and restarting it, to make database replication work.

===== Recommendations =====

==== Adapt OpenLDAP settings ====

Once all of the above commands have been successfully executed, adapt the 
OpenLDAP settings so that it uses the new configuration directory instead of 
the classical configuration file.

If you use the LTB RPM packages, you can modify the SLAPD_CONF_DIR parameter in 
the /etc/default/slapd file. For example:

<code>#SLAPD_CONF="$SLAPD_PATH/etc/openldap/slapd.conf"
SLAPD_CONF_DIR="$SLAPD_PATH/etc/openldap/slapd.d"</code>

You should also fix the IP address in each server's configuration, also in 
/etc/default/slapd (simple and SSL).



-- 
This mail was generated by DokuWiki at
http://ltb-project.org/wiki/
