Sorry, yes you should just pick your basedn, not the people one, but the one above.
Gavin. On 24/12/2008, Gavin Henry <[email protected]> wrote: > What are your logs saying? Loglevel sync and stats. Oh, and use the > latest 2.4 since you're at the testing/dev stage of your project. > > Gavin. > > On 23/12/2008, Alan Evans <[email protected]> wrote: >> I am using OpenLDAP 2.4.11 with all overlays and all backends compiled. >> My >> company is in the middle if rebuilding our LDAP environment and we would >> like to use OpenLDAP + Syncrepl + RWM to neatly move objects into their >> new >> places within the DIT. >> >> Our old DIT looks like: >> >> ou=people,dc=company,dc=com >> uid=abc_jsmith >> uid=abc_jdoe >> uid=xyz_hsmith >> uid=xyz_dsmith >> >> Our new DIT looks like: >> >> ou=users,o=abc,dc=company,dc=com >> uid=abc_jsmith >> uid=abc_jdoe >> ou=users,o=xyz,dc=company,dc=com >> uid=xyz_hsmith >> uid=xyz_dsmith >> >> There are about 3100 objects in the ou=people container and we have >> several >> hundred clients to the current ldap setup so we will not be able to >> migrate >> all in one night. >> >> We are setting the new DIT/servers up in paralell to the old and would >> like >> to use syncrepl on the new servers to pull in objects from the old DIT and >> use syncrepl to find their new place in the tree. At the moment we are >> testing this setup in a lab enviornment so I am using another backend to >> represent the old DIT. >> >> Here's what my config looks like: >> >> ... snip ... >> database ldif >> suffix ou=people,dc=company,dc=com >> directory /var/lib/ldap/people >> rootdn "cn=Manager,ou=people,dc=company,dc=com" >> rootpw ******* >> >> overlay rwm >> rwm-rewriteEngine on >> rwm-rewriteContext default >> rwm-rewriteRule "(uid=abc_.+),ou=people,dc=company,dc=com$" >> "$1,ou=users,o=abc,dc=company,dc=com" >> >> database bdb >> suffix "dc=company,dc=com" >> rootdn "cn=Manager,dc=company,dc=com" >> rootpw ******** >> >> syncrepl rid=002 >> provider=ldap://localhost/ >> bindmethod=simple >> binddn="cn=Manager,dc=company,dc=com" >> credentials=******** >> searchbase="ou=people,dc=company,dc=com" >> schemachecking=off >> type=refreshOnly >> starttls=yes >> tls_reqcert=allow >> retry="60 +" >> ... snip ... >> >> The ldif backend works as expected, if I do: >> ldapsearch -x uid=abc_\* -b ou=people,dc=company,dc=com >> >> I get nicely translated DNs and if I save the output to a file and ldap >> add >> it to the new DIT I get users where they belong. >> >> But, I am not getting synchronization. I know I am missing something, >> probably more RWM rules. Maybe instead of doing the rewrites on the 'old' >> backend I should be doing them on the 'new' backend as the data comes into >> syncrepl? >> >> I am also thinking that the searchbase in the syncrepl clause is part of >> the >> problem, I am telling it to sync ou=people and its getting ou=users,o=abc >> back so it should probably ignore them correct? >> >> Can anyone steer me in the right direction? >> > > -- > Sent from my mobile device > > http://www.suretecsystems.com/services/openldap/ > -- Sent from my mobile device http://www.suretecsystems.com/services/openldap/
