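Caution:
1. If the master LDAP server already has data, first copy it to the slave with scp /var/lib/ldap/* $ip:/var/lib/ldap/ and then fix the ownership of the copied files:
chown ldap.ldap *
2. The order of directives in the config file matters. An overlay line applies to the database declared above it, so the syncprov lines must come before "database monitor", like this: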
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
# enable monitoring
database monitor
# allow only rootdn to read the monitor
access to *
    by dn.exact="cn=Manager,dc=example,dc=com" read
    by * none
You cannot write it like this:
# enable monitoring
database monitor
# allow only rootdn to read the monitor
access to *
    by dn.exact="cn=Manager,dc=example,dc=com" read
    by * none
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
The config file needs to be edited like this:
Master:
moduleload syncprov.la
database bdb
suffix "dc=example,dc=com"
checkpoint 1024 15
rootdn "cn=Manager,dc=example,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw westos
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
access to *
    by dn.exact="cn=Manager,dc=example,dc=com" read
    by * none
Slave:
Same as the master's configuration, except remove
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
and add
syncrepl rid=001
    provider=ldap://192.168.0.66:389
    type=refreshAndPersist
    searchbase="dc=example,dc=com"
    attrs=*
    schemachecking=off
    bindmethod=simple
    binddn="cn=Manager,dc=example,dc=com"
    credentials="westos"
    retry="60 +"
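The ordering rule above can be checked mechanically. The following is an added example, not part of the original post: a small slapd.conf audit whose function names (logical_lines, audit) and sample configs are constructed for illustration. Beyond the ordering check it also flags a cleartext rootpw and a syncrepl simple bind over plain ldap://, both of which appear in the configs above.

```python
import re

def logical_lines(text):
    """Join continuation lines (leading whitespace), then drop '#' comments."""
    out = []
    for raw in text.splitlines():
        if not raw.strip():
            continue
        if raw[0] in " \t" and out:
            out[-1] += " " + raw.strip()  # continues the previous line
        else:
            out.append(raw.strip())
    return [l for l in out if not l.startswith("#")]

def audit(text):
    """Return (overlays, findings); overlays pairs each overlay with its database."""
    current, overlays, findings = None, [], []
    for line in logical_lines(text):
        key, rest = (line.split(None, 1) + [""])[:2]
        key, rest = key.lower(), rest.strip()
        if key == "database" and rest:
            current = rest.split()[0]
        elif key == "overlay":
            overlays.append((rest, current))
            if rest == "syncprov" and current in (None, "monitor"):
                findings.append(f"syncprov attached to {current}, not the data database")
        elif key == "rootpw" and not rest.strip('"').startswith("{"):
            findings.append("rootpw is cleartext; use a slappasswd hash")
        elif (key == "syncrepl" and re.search(r'provider="?ldap://', rest)
              and "bindmethod=simple" in rest and "starttls=" not in rest):
            findings.append("syncrepl simple bind over ldap:// without starttls")
    return overlays, findings

# Constructed samples based on the fragments on this page.
WRONG = """database bdb
rootpw westos
database monitor
access to *
    by * none
overlay syncprov
"""
SLAVE = """database bdb
rootpw {SSHA}PLACEHOLDER_HASH
syncrepl rid=001
    provider=ldap://192.168.0.66:389
    bindmethod=simple
    credentials="westos"
"""

if __name__ == "__main__":
    for name, cfg in (("wrong-order master", WRONG), ("slave", SLAVE)):
        print(name, audit(cfg))
```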
Reposted from: https://blog.51cto.com/371447215/978633