Hi
I'm trying to set up at new ldap-cluster (openldap 2.4.9 on Ubuntu
8.04). I have splitt the DIT into two dbs, where I have a ou=system
under the base that is a subordinate db to the top db. Both dbs is on
the same server. What I am wondering is where I should insert the
replication information. I tired to put the replication information
under the top db on the master and under the top db on the slave. What
happens is that information is replicated between the top dbs, but not
the subordinates (master to server). I tried adding an additional rid on
the subordinate db on the slave and this made the replication work for
the subordniate also. But when I the tested with a reboot of the servers
the base became corrupt and I had to install everything all over again.
Could someone confirm that the replication information should be under
the top db on the provider and under both dbs on the consumer?
***********************
* Slapd.conf provider: *
***********************
modulepath /usr/lib/ldap
moduleload back_hdb
moduleload back_monitor
moduleload back_bdb
moduleload syncprov
moduleload accesslog
---------SUBORDINATE----
database hdb
suffix "ou=system,dc=......,dc=com"
limits dn.exact="cn=replicator,dc=......,dc=com" size=unlimited
time=unlimited
subordinate
index entryUUID,entryCSN eq
access to *
by dn="cn=replicator,dc=.....,dc=com" read
by peername.ip=127.0.0.1 read
by * none
--------ACCESSLOG-----
database hdb
rootdn "cn=accesslog"
overlay syncprov
syncprov-nopresent TRUE
syncprov-reloadhint TRUE
limits dn.exact="cn=replicator,dc=.....,dc=com" time.soft=unlimited
time.hard=unlimited size.soft=unlimited size.hard=unlimited
index default eq
index entryCSN,objectClass,reqEnd,reqResult,reqStart eq
--------TOP-----
database hdb
suffix "dc=.....,dc=com"
rootdn "cn=Manager,dc=....,dc=com"
rootpw verysecret
### Replikerings-innstillinger ###
overlay glue
overlay syncprov
syncprov-checkpoint 1000 60
# accesslog overlay definitions for primary db
overlay accesslog
logdb cn=accesslog
logops writes
logsuccess TRUE
logpurge 07+00:00 01+00:00
# Let the replicator DN have limitless searches
limits dn.exact="cn=replicator,dc=....,dc=com" time.soft=unlimited
time.hard=unlimited size.soft=unlimited size.hard=unlimited
index entryUUID eq
lastmod on
access to *
by peername.ip=127.0.0.1 read
by ssf=128 users read
by * none
***********************************
* Slapd.conf consumer: *
***********************************
# Where the dynamically loaded modules are stored
modulepath /usr/lib/ldap
moduleload back_hdb
moduleload back_monitor
moduleload back_bdb
-------SUBORDINATE------
database hdb
suffix "ou=system,dc=....,dc=com"
limits dn.exact="cn=replicator,dc=....,dc=com" size=unlimited
time=unlimited
index entryUUID eq
access to *
by dn="cn=replicator,dc=....,dc=com" read
by peername.ip=127.0.0.1 read
by * none
--------TOP-----
database hdb
# The base of your directory in database #1
suffix "dc=....,dc=com"
# rootdn directive for specifying a superuser on the database. This is
needed
# for syncrepl.
rootdn "cn=Manager,dc=....,dc=com"
rootpw verysecret
# Replication from master
syncrepl rid=100
provider="ldap://ldap.****.****.com:389";
type=refreshAndPersist
searchbase="dc=.....,dc=com"
filter="(objectClass=*)"
scope=sub
attrs="*"
schemachecking=on
bindmethod=simple
binddn="cn=replicator,dc=.....,dc=com"
credentials="secret"
logbase="cn=accesslog"
logfilter="(&(objectClass=auditWriteObject)(reqResult=0))"
retry="60 +"
syncdata=accesslog
# Refer updates to the master
updateref "ldap://ldap.****.****.com:389";
index entryUUID eq
lastmod on
access to *
by peername.ip=127.0.0.1 read
by ssf=128 users read
by * none
--
Kind regards
Petter S
