Hi folks. I am familiar with OpenLDAP, Kerberos, SASL, GSSAPI.. all the fun things you need for transparent SSO in a heterogenous organization :) I'm hitting a few walls here that I am guessing folks will be able to help me around..so here goes.. and please feel free to point me at RTFM! I have hit the google hammer quite a bit on these and have found very little to help.
First - Replication. Ok.. I have done syncrepl wih OpenLDAP etc, but the draw for me in ApacheDS was Multi-master (supposedly available in M12!). I have a need to have several geographically distant LDAP masters operating simultaneously, and this would be difficult otherwise. Problem: What am I missing? I setup three ApacheDS servers running fine. I can connect to each. Lets call them s1, s2 and s3. s1 is my local master, so first I setup Replication there, using the configuration manager, and pointed it at s2 and s3. I set the replication base to be dc=foo, dc=com.. saved the config .. made the dc=foo,dc=com partition on the slaves by hand, and then restarted all 3 servers (s2 and s3 before s1). Nada! I created an entry on s1 under dc=foo, dc=com and nothing happened. After some futzing around, I even managed to get the entry I created on s1 to disappear from s1 (restarting the other servers and then restarting s1 again) which.. to say the least.. is a bit vexing. So, do I need to setup some attributes on the other servers by hand? using the standard LDIFs? I'm obviously missing something, but this is multi master (I am told) and so I am guessing something is sort of working, since the entry I created on s1 disappeared! Direction and hints as to process are very appreciated! -- Timothy Balcer / IT Services Telmate / San Francisco, CA Direct / (415) 300-4313 Customer Service / (800) 205-5510
