So I found an example for setting up multi master replication using slapd.conf
*slapd.conf for MASTER 1* *# slapd master ldap1.example.com <http://ldap1.example.com>* *# global section* *serverID 001* *database bdb* *...* *access to ** * by dn.base="cn=admin,ou=people,dc=example,dc=com" read* * by * read* *syncrepl rid=000 * * provider=ldap://ldap2.example.com <http://ldap2.example.com>* * type=refreshAndPersist* * retry="5 5 300 +" * * searchbase="dc=example,dc=com"* * attrs="*,+"* * bindmethod=simple* * binddn="cn=admin,ou=people,dc=example,dc=com"* * credentials=secret* *index objectClass eq* *mirrormode TRUE* *overlay syncprov* *syncprov-checkpoint 100 10* *slapd.conf for MASTER 2* *# slapd master ldap2.example.com <http://ldap2.example.com>* *# global section* *serverID 002* *database bdb* *...* *access to ** * by dn.base="cn=admin,ou=people,dc=example,dc=com" read* * by * read * *syncrepl rid=000 * * provider=ldap://ldap1.example.com <http://ldap1.example.com>* * type=refreshAndPersist* * retry="5 5 300 +" * * searchbase="dc=example,dc=com"* * attrs="*,+"* * bindmethod=simple* * binddn="cn=admin,ou=people,dc=example,dc=com"* * credentials=secret* *index objectClass eq* *mirrormode TRUE* *overlay syncprov* *syncprov-checkpoint 100 10* My question is - Do the credentials have to be clear text passwords? If not, how do I mention encrypted passwords? (I tried within quotes ' ' and " ", but each time got invalid credentials error) On Mon, Nov 24, 2014 at 1:28 PM, Howard Chu <[email protected]> wrote: > Guruprasad Kulkarni wrote: > >> Hi, >> >> I did have a look at the options and only "--enable-modules" option >> talks about dynamic module support >> >> I tried "--enable-dynamic" option as well (the description for it is >> enable linking built binaries with dynamic libs) >> >> What I do observe is that even though I have "moduleload syncprov.la >> <http://syncprov.la>" directive in slapd.conf, slapd does not complain >> about it. So I guess I do not have to specify the module path >> (syncreplication tests were successful as well) >> > > Correct, moduleload silently succeeds if you specify a module that was > built statically. > >> >> I also realized I was looking at the OLC configuration examples for >> multi master. What I need to do is find slapd.conf example for multi >> master. >> >> >> On Mon, Nov 24, 2014 at 11:29 AM, Dieter Klünter <[email protected] >> <mailto:[email protected]>> wrote: >> >> Am Mon, 24 Nov 2014 09:52:34 -0500 >> schrieb Guruprasad Kulkarni <[email protected] >> <mailto:[email protected]>>: >> >> > I have 2 questions regarding multi master replication: >> > >> > 1. I built openldap 2.4.40 from source and according to the >> makefile, >> > the module directory should be at /usr/local/libexec/openldap. >> > >> > However I do not see such a folder. Am I missing something? The >> > options I used with configure were "--enable-debug --enable-modules >> > --enable-hdb --enable-monitor --enable-ppolicy --enable-syncprov >> > --with-tls --with-cyrus-sasl" >> > >> > I am asking because the multi master replication example ( >> >http://www.openldap.org/doc/admin24/replication.html >> > <http://www.openldap.org/doc/admin24/replication.html#N-Way>) >> needs >> > me to load thesyncprov.la <http://syncprov.la> module, but I am >> not sure if the >> > modulepath given there is correct or not. >> >> You have probably not build dynamic loadable modules, but built-in >> modules. >> you should run ./configure --help | less, which will show proper build >> choices. >> > > -- > -- Howard Chu > CTO, Symas Corp. http://www.symas.com > Director, Highland Sun http://highlandsun.com/hyc/ > Chief Architect, OpenLDAP http://www.openldap.org/project/ > -- -Guruprasad
