Hi!

General FAQ on OpenLDAP replication:

https://www.openldap.org/faq/data/cache/1170.html

Use the "syncrepl" configuration directive. On the page

https://www.openldap.org/faq/data/cache/1117.html

there's a configuration example about how to replicate an entire LDAP
tree:

--clip--
 syncrepl rid=1
   provider=ldap://ldap1.my.org:389
   type=refreshAndPersist
   retry="60 +"
   searchbase="o=my.org,c=us"
   filter="(objectClass=*)"
   scope=sub
   attrs="*,+"
   schemachecking=off
   bindmethod=simple
   binddn="cn=syncuser,o=my.org,c=us"
   credentials=syncpass
                                                                                
 updateref ldap://ldap1.my.org
--clip--

Note the options 'searchbase', 'filter', 'scope' and 'attrs' that define
the LDAP search used to select which objects to replicate. You can set
them in the same way you would using ldapsearch to only replicate those
objects you need to replicate.


Best,

Janne P.

On Wed, Jan 13, 2021 at 12:13:43PM +0200, Harri T. wrote:
> Hi,
> 
> Is it possible to integrate two OpenLDAP servers so that some users
> (filtered by some criteria) are replicated from one server to another (but
> not vice versa)?
> 
> Does OpenLDAP provide some functionalities for this or must I write a cron
> scheduled shell script utilizing ldapsearch and ldapmodify?
> 
> Any advice or configuration example is appreciated.
> 
> Kind regards,
> 
> Harri
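
An added example (not from this thread or the OpenLDAP FAQ) of a consumer-side slapd.conf fragment for the filtered, one-way replication discussed above. It narrows `searchbase`, `filter` and `attrs` so that only selected user entries and attributes are copied, rather than everything the bind DN can read with `attrs="*,+"`, and requires StartTLS so the simple bind password does not cross the network in clear. The `ou=people` subtree, the `departmentNumber=42` criterion, the attribute list, the CA file path and the password placeholder are assumptions.

```conf
# Constructed example: replicate only selected user entries, one way.
# Assumed names: ou=people subtree, departmentNumber=42 filter, CA file path.
# Keep all comments outside the syncrepl directive: slapd.conf unwraps
# continuation lines before it strips comments.
# This file holds a cleartext bind password; make it readable by the slapd
# user only.
syncrepl rid=1
  provider=ldap://ldap1.my.org:389
  starttls=critical
  tls_cacert=/etc/openldap/certs/ca.pem
  tls_reqcert=demand
  type=refreshAndPersist
  retry="60 +"
  searchbase="ou=people,o=my.org,c=us"
  scope=sub
  filter="(&(objectClass=inetOrgPerson)(departmentNumber=42))"
  attrs="objectClass,cn,sn,uid,mail"
  schemachecking=off
  bindmethod=simple
  binddn="cn=syncuser,o=my.org,c=us"
  credentials=REPLACE_WITH_SYNC_PASSWORD

# Writes sent to this consumer are referred back to the provider.
updateref ldap://ldap1.my.org
```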
