ldap_sync

Caution:1.If master ldapserver has data,we should first scp /var/lib/ldap/* $ip:/var/lib/ldap/

chown ldap.ldap *

2.Config file has its' order like this

overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

# enable monitoring
database monitor

# allow onlu rootdn to read the monitor
access to *
        by dn.exact="cn=Manager,dc=example,dc=com" read
        by * none

   You Can't edit it like this

# enable monitoring
database monitor

# allow onlu rootdn to read the monitor
access to *
        by dn.exact="cn=Manager,dc=example,dc=com" read
        by * none

overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

 

 

Config file need edit like this................

Master

moduleload syncprov.la

database        bdb
suffix          "dc=example,dc=com"
checkpoint      1024 15
rootdn          "cn=Manager,dc=example,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoided.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw          westos

overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

access to *
        by dn.exact="cn=Manager,dc=example,dc=com" read
        by * none

SLAVE:.......................

besides master's words except

overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

&add

syncrepl rid=001
        provider=ldap://192.168.0.66:389
        type=refreshAndPersist
        searchbase="dc=example,dc=com"
        attrs=*
        schemachecking=off
        bindmethod=simple
        binddn="cn=Manager,dc=example,dc=com"
        credentials="westos"
        retry="60 +"
 

转载于:https://blog.51cto.com/371447215/978633