如何在 OPENLDAP 中配置镜像节点
How to configure mirror node in OPENLDAP
我有两个 OpenLDAP 服务器:x.x.x.x:389 和 y.y.y.y:389。
我的 slapd.conf
第一台服务器:
# slapd.conf of the first server as posted in the question (serverID 1, consumer of y.y.y.y).
# NOTE(review): every line here starts at column 0; slapd.conf only joins a line to the
# previous directive when it begins with whitespace, so the syncrepl parameters were
# presumably indented in the real file and the indentation was lost in this paste.
include /usr/local/etc/openldap/schema/core.schema
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
modulepath /usr/local/libexec/openldap
moduleload back_mdb.la
# NOTE(review): no "database ldap" appears in this listing, so back_ldap looks unused
# here; confirm before keeping the module loaded.
moduleload back_ldap.la
# syncprov lets this server act as a replication provider for its peer.
moduleload syncprov.la
database mdb
maxsize 1073741824
suffix "dc=my-domain,dc=com"
rootdn "cn=Manager,dc=my-domain,dc=com"
# Value is masked on the page. In a deployed file prefer a hash produced by slappasswd
# over a cleartext password, and restrict read access to the file to the slapd account.
rootpw ******
directory /usr/local/var/openldap-data
# Indices to maintain
index objectClass eq
# NOTE(review): no "access to" rules are visible for this database; without any, slapd's
# documented default policy gives every client read access. Confirm ACLs exist.
overlay syncprov
#Global section
serverID 1
# Consumer stanza: pull the whole suffix from the peer at y.y.y.y.
# - provider is ldap:// on port 389 and no starttls= is set, so the simple bind password
#   and all replicated entries travel unencrypted; use starttls=critical or ldaps:// with
#   a verified CA certificate on networks that are not fully trusted.
# - binddn is the rootdn, which is not subject to ACLs; a dedicated replication DN with
#   read-only access to the suffix limits the damage if these credentials leak.
# - credentials is stored in cleartext in this file (masked on the page).
# - type=refreshAndPersist keeps the search open after the initial refresh; interval is
#   written as dd:hh:mm:ss and is documented for refreshOnly -- TODO confirm it has any
#   effect here.
# - retry="5 5 300 5": retry every 5 s five times, then every 300 s five times, then stop.
# - timeout=1 is in seconds; NOTE(review): that is tight for a remote peer -- confirm.
syncrepl rid=001
provider=ldap://y.y.y.y:389
binddn="cn=Manager,dc=my-domain,dc=com"
bindmethod=simple
credentials=****
searchbase="dc=my-domain,dc=com"
type=refreshAndPersist
interval=00:00:00:05
retry="5 5 300 5"
timeout=1
# Mirror mode: accept writes on this server although it is also a syncrepl consumer.
mirrormode on
slapd.conf
第二个服务器:
# slapd.conf of the second server as posted in the question (serverID 2, consumer of x.x.x.x).
# NOTE(review): every line here starts at column 0; slapd.conf only joins a line to the
# previous directive when it begins with whitespace, so the syncrepl parameters were
# presumably indented in the real file and the indentation was lost in this paste.
include /usr/local/etc/openldap/schema/core.schema
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
modulepath /usr/local/libexec/openldap
moduleload back_mdb.la
# NOTE(review): no "database ldap" appears in this listing, so back_ldap looks unused
# here; confirm before keeping the module loaded.
moduleload back_ldap.la
# syncprov lets this server act as a replication provider for its peer.
moduleload syncprov.la
database mdb
maxsize 1073741824
suffix "dc=my-domain,dc=com"
rootdn "cn=Manager,dc=my-domain,dc=com"
# Value is masked on the page. In a deployed file prefer a hash produced by slappasswd
# over a cleartext password, and restrict read access to the file to the slapd account.
rootpw ****
directory /usr/local/var/openldap-data
# Indices to maintain
index objectClass eq
# NOTE(review): no "access to" rules are visible for this database; without any, slapd's
# documented default policy gives every client read access. Confirm ACLs exist.
overlay syncprov
#Global section
serverID 2
#database section
# Consumer stanza: pull the whole suffix from the peer at x.x.x.x.
# - provider is ldap:// on port 389 and no starttls= is set, so the simple bind password
#   and all replicated entries travel unencrypted; use starttls=critical or ldaps:// with
#   a verified CA certificate on networks that are not fully trusted.
# - binddn is the rootdn, which is not subject to ACLs; a dedicated replication DN with
#   read-only access to the suffix limits the damage if these credentials leak.
# - credentials is stored in cleartext in this file (masked on the page).
# - type=refreshAndPersist keeps the search open after the initial refresh; interval is
#   written as dd:hh:mm:ss and is documented for refreshOnly -- TODO confirm it has any
#   effect here.
# - retry="5 5 300 5": retry every 5 s five times, then every 300 s five times, then stop.
# - timeout=1 is in seconds; NOTE(review): that is tight for a remote peer -- confirm.
syncrepl rid=001
provider=ldap://x.x.x.x:389
binddn="cn=Manager,dc=my-domain,dc=com"
bindmethod=simple
credentials=****
searchbase="dc=my-domain,dc=com"
type=refreshAndPersist
interval=00:00:00:05
retry="5 5 300 5"
timeout=1
# Mirror mode: accept writes on this server although it is also a syncrepl consumer.
mirrormode on
两台服务器都在运行,但其中一台服务器尝试获取条目,却没有复制任何数据。
我的配置有什么问题吗?
我更改了一些内容,现在可以使用了。我在这里分享我的 conf 文件。
slapd.conf
第一台服务器
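# slapd.conf of the first server after the author's changes (mirror mode, two syncrepl
# stanzas). Directive values are exactly those shown on the page.
# The author's trailing "// ..." remarks are written as "#" comment lines, because
# slapd.conf only recognises lines starting with "#" as comments and would parse "//"
# text as extra arguments. syncrepl parameters are indented so that slapd reads them as
# continuation lines of the syncrepl directive.
modulepath /usr/local/libexec/openldap
moduleload back_mdb.la
# NOTE(review): no "database ldap" appears in this listing, so back_ldap looks unused
# here; confirm before keeping the module loaded.
moduleload back_ldap.la
# syncprov lets this server act as a replication provider for its peer.
moduleload syncprov.la
database mdb
maxsize 1073741824
suffix "dc=my-domain,dc=com"
rootdn "cn=Manager,dc=my-domain,dc=com"
# Value is masked on the page. In a deployed file prefer a hash produced by slappasswd
# over a cleartext password, and restrict read access to the file to the slapd account.
rootpw ******
directory /usr/local/var/openldap-data
# Indices to maintain
index objectClass eq
# NOTE(review): no "access to" rules are visible for this database; without any, slapd's
# documented default policy gives every client read access. Confirm ACLs exist.
overlay syncprov
#Global section
# Author's note: changed "serverID 1" to "serverid 1".
serverid 1
# Consumer stanza for the peer at y.y.y.y.
# - provider is ldap:// on port 389 and no starttls= is set, so the simple bind password
#   and all replicated entries travel unencrypted; use starttls=critical or ldaps:// with
#   a verified CA certificate on networks that are not fully trusted.
# - binddn is the rootdn, which is not subject to ACLs; a dedicated replication DN with
#   read-only access to the suffix limits the damage if these credentials leak.
# - credentials is stored in cleartext in this file (masked on the page).
# - retry="5 5 300 5": retry every 5 s five times, then every 300 s five times, then stop.
syncrepl rid=001
  provider=ldap://y.y.y.y:389
  binddn="cn=Manager,dc=my-domain,dc=com"
  bindmethod=simple
  credentials=****
  searchbase="dc=my-domain,dc=com"
  type=refreshAndPersist
  interval=00:00:00:05
  retry="5 5 300 5"
  timeout=1
# Author's note: this second stanza was added.
# - NOTE(review): x.x.x.x appears to be this server's own address (the question's
#   first-server config pulled only from y.y.y.y) -- confirm the self-referencing stanza
#   is intended.
# - credentials=secret is a literal example value and differs from the masked value in
#   rid=001 although both stanzas bind as the same DN; use the real secret and keep it
#   out of shared copies of this file.
# - The same cleartext-transport and rootdn caveats as for rid=001 apply.
# - retry="60 +": retry every 60 s indefinitely.
syncrepl rid=002
  provider=ldap://x.x.x.x:389
  binddn="cn=Manager,dc=my-domain,dc=com"
  bindmethod=simple
  credentials=secret
  searchbase="dc=my-domain,dc=com"
  schemachecking=on
  type=refreshAndPersist
  interval=00:00:00:05
  retry="60 +"
# Author's note: changed "on" to "TRUE".
# Mirror mode: accept writes on this server although it is also a syncrepl consumer.
mirrormode TRUE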
slapd.conf
第二台服务器
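# slapd.conf of the second server after the author's changes (mirror mode, two syncrepl
# stanzas). Directive values are exactly those shown on the page.
# The author's trailing "// ..." remarks are written as "#" comment lines, because
# slapd.conf only recognises lines starting with "#" as comments and would parse "//"
# text as extra arguments. syncrepl parameters are indented so that slapd reads them as
# continuation lines of the syncrepl directive.
include /usr/local/etc/openldap/schema/core.schema
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
modulepath /usr/local/libexec/openldap
moduleload back_mdb.la
# NOTE(review): no "database ldap" appears in this listing, so back_ldap looks unused
# here; confirm before keeping the module loaded.
moduleload back_ldap.la
# syncprov lets this server act as a replication provider for its peer.
moduleload syncprov.la
database mdb
maxsize 1073741824
suffix "dc=my-domain,dc=com"
rootdn "cn=Manager,dc=my-domain,dc=com"
# Value is masked on the page. In a deployed file prefer a hash produced by slappasswd
# over a cleartext password, and restrict read access to the file to the slapd account.
rootpw ****
directory /usr/local/var/openldap-data
# Indices to maintain
index objectClass eq
# NOTE(review): no "access to" rules are visible for this database; without any, slapd's
# documented default policy gives every client read access. Confirm ACLs exist.
overlay syncprov
#Global section
# Author's note: serverID --> serverid
serverid 2
#database section
# Stanza for y.y.y.y.
# - NOTE(review): y.y.y.y appears to be this server's own address (the question's
#   second-server config pulled only from x.x.x.x) -- confirm the self-referencing stanza
#   is intended.
# - provider is ldap:// on port 389 and no starttls= is set, so the simple bind password
#   and all replicated entries travel unencrypted; use starttls=critical or ldaps:// with
#   a verified CA certificate on networks that are not fully trusted.
# - binddn is the rootdn, which is not subject to ACLs; a dedicated replication DN with
#   read-only access to the suffix limits the damage if these credentials leak.
# - credentials is stored in cleartext in this file (masked on the page).
# - retry="5 5 300 5": retry every 5 s five times, then every 300 s five times, then stop.
syncrepl rid=001
  provider=ldap://y.y.y.y:389
  binddn="cn=Manager,dc=my-domain,dc=com"
  bindmethod=simple
  credentials=****
  searchbase="dc=my-domain,dc=com"
  type=refreshAndPersist
  interval=00:00:00:05
  retry="5 5 300 5"
  timeout=1
# Author's note: this second stanza was added.
# - credentials=secret is a literal example value and differs from the masked value in
#   rid=001 although both stanzas bind as the same DN; use the real secret and keep it
#   out of shared copies of this file.
# - The same cleartext-transport and rootdn caveats as for rid=001 apply.
# - retry="60 +": retry every 60 s indefinitely.
syncrepl rid=002
  provider=ldap://x.x.x.x:389
  binddn="cn=Manager,dc=my-domain,dc=com"
  bindmethod=simple
  credentials=secret
  searchbase="dc=my-domain,dc=com"
  schemachecking=on
  type=refreshAndPersist
  interval=00:00:00:05
  retry="60 +"
# Author's note: on --> TRUE
# Mirror mode: accept writes on this server although it is also a syncrepl consumer.
mirrormode TRUE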
我有两个 OpenLDAP 服务器:x.x.x.x:389 和 y.y.y.y:389。
我的 slapd.conf
第一台服务器:
# slapd.conf of the first server as posted in the question (serverID 1, consumer of y.y.y.y).
# NOTE(review): every line here starts at column 0; slapd.conf only joins a line to the
# previous directive when it begins with whitespace, so the syncrepl parameters were
# presumably indented in the real file and the indentation was lost in this paste.
include /usr/local/etc/openldap/schema/core.schema
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
modulepath /usr/local/libexec/openldap
moduleload back_mdb.la
# NOTE(review): no "database ldap" appears in this listing, so back_ldap looks unused
# here; confirm before keeping the module loaded.
moduleload back_ldap.la
# syncprov lets this server act as a replication provider for its peer.
moduleload syncprov.la
database mdb
maxsize 1073741824
suffix "dc=my-domain,dc=com"
rootdn "cn=Manager,dc=my-domain,dc=com"
# Value is masked on the page. In a deployed file prefer a hash produced by slappasswd
# over a cleartext password, and restrict read access to the file to the slapd account.
rootpw ******
directory /usr/local/var/openldap-data
# Indices to maintain
index objectClass eq
# NOTE(review): no "access to" rules are visible for this database; without any, slapd's
# documented default policy gives every client read access. Confirm ACLs exist.
overlay syncprov
#Global section
serverID 1
# Consumer stanza: pull the whole suffix from the peer at y.y.y.y.
# - provider is ldap:// on port 389 and no starttls= is set, so the simple bind password
#   and all replicated entries travel unencrypted; use starttls=critical or ldaps:// with
#   a verified CA certificate on networks that are not fully trusted.
# - binddn is the rootdn, which is not subject to ACLs; a dedicated replication DN with
#   read-only access to the suffix limits the damage if these credentials leak.
# - credentials is stored in cleartext in this file (masked on the page).
# - type=refreshAndPersist keeps the search open after the initial refresh; interval is
#   written as dd:hh:mm:ss and is documented for refreshOnly -- TODO confirm it has any
#   effect here.
# - retry="5 5 300 5": retry every 5 s five times, then every 300 s five times, then stop.
# - timeout=1 is in seconds; NOTE(review): that is tight for a remote peer -- confirm.
syncrepl rid=001
provider=ldap://y.y.y.y:389
binddn="cn=Manager,dc=my-domain,dc=com"
bindmethod=simple
credentials=****
searchbase="dc=my-domain,dc=com"
type=refreshAndPersist
interval=00:00:00:05
retry="5 5 300 5"
timeout=1
# Mirror mode: accept writes on this server although it is also a syncrepl consumer.
mirrormode on
slapd.conf
第二个服务器:
# slapd.conf of the second server as posted in the question (serverID 2, consumer of x.x.x.x).
# NOTE(review): every line here starts at column 0; slapd.conf only joins a line to the
# previous directive when it begins with whitespace, so the syncrepl parameters were
# presumably indented in the real file and the indentation was lost in this paste.
include /usr/local/etc/openldap/schema/core.schema
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
modulepath /usr/local/libexec/openldap
moduleload back_mdb.la
# NOTE(review): no "database ldap" appears in this listing, so back_ldap looks unused
# here; confirm before keeping the module loaded.
moduleload back_ldap.la
# syncprov lets this server act as a replication provider for its peer.
moduleload syncprov.la
database mdb
maxsize 1073741824
suffix "dc=my-domain,dc=com"
rootdn "cn=Manager,dc=my-domain,dc=com"
# Value is masked on the page. In a deployed file prefer a hash produced by slappasswd
# over a cleartext password, and restrict read access to the file to the slapd account.
rootpw ****
directory /usr/local/var/openldap-data
# Indices to maintain
index objectClass eq
# NOTE(review): no "access to" rules are visible for this database; without any, slapd's
# documented default policy gives every client read access. Confirm ACLs exist.
overlay syncprov
#Global section
serverID 2
#database section
# Consumer stanza: pull the whole suffix from the peer at x.x.x.x.
# - provider is ldap:// on port 389 and no starttls= is set, so the simple bind password
#   and all replicated entries travel unencrypted; use starttls=critical or ldaps:// with
#   a verified CA certificate on networks that are not fully trusted.
# - binddn is the rootdn, which is not subject to ACLs; a dedicated replication DN with
#   read-only access to the suffix limits the damage if these credentials leak.
# - credentials is stored in cleartext in this file (masked on the page).
# - type=refreshAndPersist keeps the search open after the initial refresh; interval is
#   written as dd:hh:mm:ss and is documented for refreshOnly -- TODO confirm it has any
#   effect here.
# - retry="5 5 300 5": retry every 5 s five times, then every 300 s five times, then stop.
# - timeout=1 is in seconds; NOTE(review): that is tight for a remote peer -- confirm.
syncrepl rid=001
provider=ldap://x.x.x.x:389
binddn="cn=Manager,dc=my-domain,dc=com"
bindmethod=simple
credentials=****
searchbase="dc=my-domain,dc=com"
type=refreshAndPersist
interval=00:00:00:05
retry="5 5 300 5"
timeout=1
# Mirror mode: accept writes on this server although it is also a syncrepl consumer.
mirrormode on
两台服务器都在运行,但其中一台服务器尝试获取条目,却没有复制任何数据。我的配置有什么问题吗?
我更改了一些内容,现在可以使用了。我在这里分享我的 conf 文件。
slapd.conf
第一台服务器
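# slapd.conf of the first server after the author's changes (mirror mode, two syncrepl
# stanzas). Directive values are exactly those shown on the page.
# The author's trailing "// ..." remarks are written as "#" comment lines, because
# slapd.conf only recognises lines starting with "#" as comments and would parse "//"
# text as extra arguments. syncrepl parameters are indented so that slapd reads them as
# continuation lines of the syncrepl directive.
modulepath /usr/local/libexec/openldap
moduleload back_mdb.la
# NOTE(review): no "database ldap" appears in this listing, so back_ldap looks unused
# here; confirm before keeping the module loaded.
moduleload back_ldap.la
# syncprov lets this server act as a replication provider for its peer.
moduleload syncprov.la
database mdb
maxsize 1073741824
suffix "dc=my-domain,dc=com"
rootdn "cn=Manager,dc=my-domain,dc=com"
# Value is masked on the page. In a deployed file prefer a hash produced by slappasswd
# over a cleartext password, and restrict read access to the file to the slapd account.
rootpw ******
directory /usr/local/var/openldap-data
# Indices to maintain
index objectClass eq
# NOTE(review): no "access to" rules are visible for this database; without any, slapd's
# documented default policy gives every client read access. Confirm ACLs exist.
overlay syncprov
#Global section
# Author's note: changed "serverID 1" to "serverid 1".
serverid 1
# Consumer stanza for the peer at y.y.y.y.
# - provider is ldap:// on port 389 and no starttls= is set, so the simple bind password
#   and all replicated entries travel unencrypted; use starttls=critical or ldaps:// with
#   a verified CA certificate on networks that are not fully trusted.
# - binddn is the rootdn, which is not subject to ACLs; a dedicated replication DN with
#   read-only access to the suffix limits the damage if these credentials leak.
# - credentials is stored in cleartext in this file (masked on the page).
# - retry="5 5 300 5": retry every 5 s five times, then every 300 s five times, then stop.
syncrepl rid=001
  provider=ldap://y.y.y.y:389
  binddn="cn=Manager,dc=my-domain,dc=com"
  bindmethod=simple
  credentials=****
  searchbase="dc=my-domain,dc=com"
  type=refreshAndPersist
  interval=00:00:00:05
  retry="5 5 300 5"
  timeout=1
# Author's note: this second stanza was added.
# - NOTE(review): x.x.x.x appears to be this server's own address (the question's
#   first-server config pulled only from y.y.y.y) -- confirm the self-referencing stanza
#   is intended.
# - credentials=secret is a literal example value and differs from the masked value in
#   rid=001 although both stanzas bind as the same DN; use the real secret and keep it
#   out of shared copies of this file.
# - The same cleartext-transport and rootdn caveats as for rid=001 apply.
# - retry="60 +": retry every 60 s indefinitely.
syncrepl rid=002
  provider=ldap://x.x.x.x:389
  binddn="cn=Manager,dc=my-domain,dc=com"
  bindmethod=simple
  credentials=secret
  searchbase="dc=my-domain,dc=com"
  schemachecking=on
  type=refreshAndPersist
  interval=00:00:00:05
  retry="60 +"
# Author's note: changed "on" to "TRUE".
# Mirror mode: accept writes on this server although it is also a syncrepl consumer.
mirrormode TRUE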
slapd.conf
第二台服务器
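# slapd.conf of the second server after the author's changes (mirror mode, two syncrepl
# stanzas). Directive values are exactly those shown on the page.
# The author's trailing "// ..." remarks are written as "#" comment lines, because
# slapd.conf only recognises lines starting with "#" as comments and would parse "//"
# text as extra arguments. syncrepl parameters are indented so that slapd reads them as
# continuation lines of the syncrepl directive.
include /usr/local/etc/openldap/schema/core.schema
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
modulepath /usr/local/libexec/openldap
moduleload back_mdb.la
# NOTE(review): no "database ldap" appears in this listing, so back_ldap looks unused
# here; confirm before keeping the module loaded.
moduleload back_ldap.la
# syncprov lets this server act as a replication provider for its peer.
moduleload syncprov.la
database mdb
maxsize 1073741824
suffix "dc=my-domain,dc=com"
rootdn "cn=Manager,dc=my-domain,dc=com"
# Value is masked on the page. In a deployed file prefer a hash produced by slappasswd
# over a cleartext password, and restrict read access to the file to the slapd account.
rootpw ****
directory /usr/local/var/openldap-data
# Indices to maintain
index objectClass eq
# NOTE(review): no "access to" rules are visible for this database; without any, slapd's
# documented default policy gives every client read access. Confirm ACLs exist.
overlay syncprov
#Global section
# Author's note: serverID --> serverid
serverid 2
#database section
# Stanza for y.y.y.y.
# - NOTE(review): y.y.y.y appears to be this server's own address (the question's
#   second-server config pulled only from x.x.x.x) -- confirm the self-referencing stanza
#   is intended.
# - provider is ldap:// on port 389 and no starttls= is set, so the simple bind password
#   and all replicated entries travel unencrypted; use starttls=critical or ldaps:// with
#   a verified CA certificate on networks that are not fully trusted.
# - binddn is the rootdn, which is not subject to ACLs; a dedicated replication DN with
#   read-only access to the suffix limits the damage if these credentials leak.
# - credentials is stored in cleartext in this file (masked on the page).
# - retry="5 5 300 5": retry every 5 s five times, then every 300 s five times, then stop.
syncrepl rid=001
  provider=ldap://y.y.y.y:389
  binddn="cn=Manager,dc=my-domain,dc=com"
  bindmethod=simple
  credentials=****
  searchbase="dc=my-domain,dc=com"
  type=refreshAndPersist
  interval=00:00:00:05
  retry="5 5 300 5"
  timeout=1
# Author's note: this second stanza was added.
# - credentials=secret is a literal example value and differs from the masked value in
#   rid=001 although both stanzas bind as the same DN; use the real secret and keep it
#   out of shared copies of this file.
# - The same cleartext-transport and rootdn caveats as for rid=001 apply.
# - retry="60 +": retry every 60 s indefinitely.
syncrepl rid=002
  provider=ldap://x.x.x.x:389
  binddn="cn=Manager,dc=my-domain,dc=com"
  bindmethod=simple
  credentials=secret
  searchbase="dc=my-domain,dc=com"
  schemachecking=on
  type=refreshAndPersist
  interval=00:00:00:05
  retry="60 +"
# Author's note: on --> TRUE
# Mirror mode: accept writes on this server although it is also a syncrepl consumer.
mirrormode TRUE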