Set up two OpenLDAP servers, one Master and one Slave, so that when an entry in
one of the servers is changed it is automatically changed in the other
server. This is handy so you can distribute the load between the two
servers, use one of the servers for one set of programs and use the
other server for a different set of programs.

Name: OpenLDAP
HomePage: http://www.openldap.org/
Function: OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol

Master: /etc/openldap/slapd.conf
slapd.conf:

include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
allow bind_v2
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
database bdb
suffix "dc=fedora,dc=directory,dc=server"
rootdn "cn=Manager,dc=fedora,dc=directory,dc=server"
rootpw {SSHA}diiNsDR8wERa2urlW2dRR2X6EuDmEQCs
directory /var/lib/ldap
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
# Log of changes to be propagated to the slave
replogfile /var/lib/ldap/openldap-master-replog
access to * by * read
# Slave server that receives the changes (continuation lines must be indented)
replica host=mc1.fedora.directory.server:389
  suffix="dc=fedora,dc=directory,dc=server"
  binddn="cn=Manager,dc=fedora,dc=directory,dc=server"
  credentials=billabong
  bindmethod=simple
  tls=yes

Slave: /etc/openldap/slapd.conf
slapd.conf:

include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
allow bind_v2
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
database bdb
suffix "dc=fedora,dc=directory,dc=server"
rootdn "cn=Manager,dc=fedora,dc=directory,dc=server"
rootpw {SSHA}diiNsDR8wERa2urlW2dRR2X6EuDmEQCs
directory /var/lib/ldap
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
access to * by * read
# DN the master binds as to apply replicated changes
updatedn cn=manager,dc=fedora,dc=directory,dc=server
# Referral returned to clients that try to write to the slave
updateref ldap://mc2.fedora.directory.server

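Before starting the servers it is worth checking that the two files above agree with each other and seeing what they expose. The following is an added example, not part of the original how-to or of OpenLDAP: it compares the master's replica line with the slave's updatedn and suffix, and flags the ACL and credential settings used here. The function names and finding labels are hypothetical; the rootdn finding reflects the slapd.conf(5) advice that updatedn should generally not be the master's rootdn.

```python
import re
# Constructed input: the replication-relevant directives from this page's two files.
MASTER = '''\
suffix "dc=fedora,dc=directory,dc=server"
rootdn "cn=Manager,dc=fedora,dc=directory,dc=server"
access to * by * read
replica host=mc1.fedora.directory.server:389
  suffix="dc=fedora,dc=directory,dc=server"
  binddn="cn=Manager,dc=fedora,dc=directory,dc=server"
  credentials=billabong bindmethod=simple tls=yes
'''
SLAVE = '''\
suffix "dc=fedora,dc=directory,dc=server"
access to * by * read
updatedn cn=manager,dc=fedora,dc=directory,dc=server
'''

def parse(text):
    """Fold indented continuation lines; return [[keyword, args], ...]."""
    lines = []
    for raw in text.splitlines():
        if raw.strip() and not raw.lstrip().startswith("#"):
            if raw[0].isspace() and lines:
                lines[-1] += " " + raw.strip()
            else:
                lines.append(raw.strip())
    return [(l.split(None, 1) + [""])[:2] for l in lines]

def first(conf, key):
    return next((a for k, a in conf if k.lower() == key), "")
def dn(value):  # simplified DN normalisation: drop quotes and spaces, fold case
    return ",".join(p.strip().lower() for p in value.strip('"').split(","))

def audit(master_text, slave_text):
    m, s = parse(master_text), parse(slave_text)
    rep = {k: v.strip('"') for k, v in re.findall(r'(\w+)=("[^"]*"|\S+)', first(m, "replica"))}
    bind = dn(rep.get("binddn", ""))
    wide = lambda c: any(k.lower() == "access" and a.split() == "to * by * read".split() for k, a in c)
    return [name for name, hit in [
        ("BINDDN_UPDATEDN_MISMATCH", bind != dn(first(s, "updatedn"))),
        ("SUFFIX_MISMATCH", dn(rep.get("suffix", "")) != dn(first(s, "suffix"))),
        ("REPLICA_BINDS_AS_ROOTDN", bind == dn(first(m, "rootdn"))),
        ("SIMPLE_BIND_WITHOUT_TLS", rep.get("bindmethod") == "simple" and rep.get("tls") not in ("yes", "critical")),
        ("CLEARTEXT_CREDENTIALS_IN_FILE", "credentials" in rep),
        ("WORLD_READABLE_ACL_MASTER", wide(m)),
        ("WORLD_READABLE_ACL_SLAVE", wide(s)),
    ] if hit]

print(audit(MASTER, SLAVE))
```

With "access to * by * read" every attribute, including userPassword and the Samba password hashes from samba.schema, is readable by any client, and the replica credentials sit in slapd.conf in cleartext, so the file should be readable only by the account slapd runs as.
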
1. Copy the ldap.conf & slapd.conf files into the '/etc/openldap/' directory on the appropriate Master/Slave servers and start the OpenLDAP servers.

    /etc/init.d/ldap start

2. Make the following domain file, domain.ldif:

    nano /tmp/domain.ldif

domain.ldif:

dn: dc=fedora,dc=directory,dc=server
objectclass: dcobject
objectClass: organization
o: Fedora Directory Server
dc: Fedora

3. Run the following command on the master server to add the root directory of the LDAP tree:

    ldapadd -x -D cn=Manager,dc=fedora,dc=directory,dc=server -W -f /tmp/domain.ldif -h localhost

4. After you have set up your master OpenLDAP server, export the ldif file and copy it over to the slave server.

    slapcat -l /tmp/master.ldif

5. Change to the OpenLDAP slave server and add the master.ldif file to the slave OpenLDAP server.

    ldapadd -x -D cn=Manager,dc=fedora,dc=directory,dc=server -W -f /tmp/master.ldif -h localhost

6. Now start both the Master/Slave servers.

    slave server: /etc/init.d/ldap start
    master server: /etc/init.d/ldap start

I suggest you try and install an LDAP GUI and test it out by adding and deleting LDAP entries.

External Links:
http://www.openldap.org/doc/admin23/replication.html
http://docs.hp.com/en/5991-7504/ar01s06.html