My Solution
- Master server:
- edit configration in /etc/ldap/slapd.conf, append following:
## syncrepl provider
index entryCSN,entryUUID eq
moduleload syncprov.la
overlay syncprov
syncprov-checkpoint 10 5
syncprov-sessionlog 100
- Slave server:
- edit /etc/ldap/slapd.conf, append:
## syncrepl consumer
index entryCSN,entryUUID eq
syncrepl rid=123
provider=ldap://master-ldap.example.org:389
type=refreshOnly
interval=00:00:01:00
searchbase="dc=example,dc=org"
filter="(objectClass=*)"
attrs="*"
scope=sub
schemachecking=off
bindmethod=sasl
saslmech=DIGEST-MD5
authcid="admin"
credentials="Password"
- Note: in my case, I am using SASL DIGEST-MD5. Read the references if you want to use simple bind. Detail about how to enable SASL on openldap server, see here
- Restart Master slapd then Slave slapd.
No comments:
Post a Comment