
Saturday, July 20, 2013

OpenLDAP Replication - Multimaster

Below are the LDAP servers participating in the multimaster configuration. The operating system used is CentOS 6.3.
masterldap1.fireblade.com - 192.168.56.191
masterldap2.fireblade.com - 192.168.56.192
masterldap3.fireblade.com - 192.168.56.193


Install OpenLDAP on all the machines (192.168.56.191, 192.168.56.192, 192.168.56.193)
# yum install openldap-*

Set up the OpenLDAP configuration environment
# cp /usr/share/openldap-servers/slapd.conf.obsolete /etc/openldap/slapd.conf
# cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
# chown ldap.ldap /var/lib/ldap/DB_CONFIG
# rm -rf /etc/openldap/slapd.d/*

Configure the domain and set the Manager password on all the systems.

# vim /etc/openldap/slapd.conf

database        bdb
suffix          "dc=fireblade,dc=com"
checkpoint      1024 15
rootdn          "cn=Manager,dc=fireblade,dc=com"
rootpw          redhat

Save the above on all three servers.

Enable the syncprov module by uncommenting the following line in /etc/openldap/slapd.conf on all three servers:
moduleload syncprov.la
Save the configuration file.

Go to masterldap1.fireblade.com (192.168.56.191) and append the configuration below to the end of the file.

##################### REPLICATION CONFIGURATION ###################
serverID 001
syncrepl rid=000
 provider=ldap://192.168.56.192
 type=refreshAndPersist
 retry="5 5 300 +"
 searchbase="dc=fireblade,dc=com"
 attrs="*,+"
 bindmethod=simple
 binddn="cn=manager,dc=fireblade,dc=com"
 credentials=redhat


syncrepl rid=001
 provider=ldap://192.168.56.193
 type=refreshAndPersist
 retry="5 5 300 +"
 searchbase="dc=fireblade,dc=com"
 attrs="*,+"
 bindmethod=simple
 binddn="cn=manager,dc=fireblade,dc=com"
 credentials=redhat
index entryCSN eq
index entryUUID eq
mirrormode TRUE
overlay syncprov
syncprov-checkpoint 100 10

Save the configuration.

Go to the second server, masterldap2.fireblade.com (192.168.56.192), and append the configuration below to the end of /etc/openldap/slapd.conf.
serverID 002
syncrepl rid=000
 provider=ldap://192.168.56.191
 type=refreshAndPersist
 retry="5 5 300 +"
 searchbase="dc=fireblade,dc=com"
 attrs="*,+"
 bindmethod=simple
 binddn="cn=manager,dc=fireblade,dc=com"
 credentials=redhat


syncrepl rid=001
 provider=ldap://192.168.56.193
 type=refreshAndPersist
 retry="5 5 300 +"
 searchbase="dc=fireblade,dc=com"
 attrs="*,+"
 bindmethod=simple
 binddn="cn=manager,dc=fireblade,dc=com"
 credentials=redhat
index entryCSN eq
index entryUUID eq
mirrormode TRUE
overlay syncprov
syncprov-checkpoint 100 10

Save the above configuration.


Go to the third server, masterldap3.fireblade.com (192.168.56.193), and append the configuration below to the end of /etc/openldap/slapd.conf.

serverID 003
syncrepl rid=000
 provider=ldap://192.168.56.191
 type=refreshAndPersist
 retry="5 5 300 +"
 searchbase="dc=fireblade,dc=com"
 attrs="*,+"
 bindmethod=simple
 binddn="cn=manager,dc=fireblade,dc=com"
 credentials=redhat

syncrepl rid=001
 provider=ldap://192.168.56.192
 type=refreshAndPersist
 retry="5 5 300 +"
 searchbase="dc=fireblade,dc=com"
 attrs="*,+"
 bindmethod=simple
 binddn="cn=manager,dc=fireblade,dc=com"
 credentials=redhat
index entryCSN eq
index entryUUID eq
mirrormode TRUE
overlay syncprov
syncprov-checkpoint 100 10

Save the configuration.

Start LDAP on all the servers by running the command below

# /etc/init.d/slapd start
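Once slapd is running on all three masters, the quickest way to confirm that mirror-mode replication has converged is to compare the contextCSN values on the suffix entry: each master that has accepted a write contributes one value tagged with its serverID, and the set must be identical everywhere. The script below is an added example, not part of the original post; it assumes ldapsearch from openldap-clients, the addresses and suffix above, and anonymous read access to contextCSN (the default policy when slapd.conf has no access directives).

```shell
#!/bin/sh
# Added example, not from the original post: verify that the three mirror-mode
# masters have converged by comparing the contextCSN values on the suffix entry.
# Each master that has accepted a write contributes one contextCSN value tagged
# with its serverID (the "#001#" field); the masters are in sync when every
# server holds the same set of values.
# Assumes ldapsearch (openldap-clients) and anonymous read access to contextCSN,
# which the default access policy of slapd.conf.obsolete allows.

MASTERS="192.168.56.191 192.168.56.192 192.168.56.193"
SUFFIX="dc=fireblade,dc=com"

# Read LDIF on stdin and print the contextCSN values, one per line, sorted.
csn_values() {
    sed -n 's/^contextCSN: //p' | sort
}

# Print the serverID field of each CSN on stdin (e.g. 001), to see which
# masters have written to the directory so far.
csn_server_ids() {
    cut -d'#' -f3
}

# Succeed when two newline-separated CSN lists are identical.
csns_match() {
    [ "$1" = "$2" ]
}

# Base-scope search of the suffix entry on one master. contextCSN is an
# operational attribute, so it must be requested by name. Fails if the query fails.
fetch_csns() {
    out=$(ldapsearch -x -LLL -H "ldap://$1" -s base -b "$SUFFIX" contextCSN) || return 1
    printf '%s\n' "$out" | csn_values
}

# Compare every master against the first reachable one; non-zero exit on any
# mismatch or failed query, so this can run from cron or a monitoring check.
check_all() {
    first=1; rc=0; ref=""
    for h in $MASTERS; do
        cur=$(fetch_csns "$h") || { echo "$h: query failed"; rc=1; continue; }
        if [ "$first" = 1 ]; then
            ref=$cur; first=0
            echo "$h: reference, writes seen from serverIDs: $(printf '%s\n' "$ref" | csn_server_ids | tr '\n' ' ')"
            continue
        fi
        if csns_match "$ref" "$cur"; then echo "$h: in sync"; else echo "$h: OUT OF SYNC"; rc=1; fi
    done
    return $rc
}

# Only query the servers when invoked as: sh check_sync.sh live
if [ "${1:-}" = "live" ]; then check_all; fi
```

A master that is still catching up shows an older timestamp in one of its values, or is missing a serverID entirely; re-run after the retry interval before treating it as broken.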

3 comments:

  1. How to check whether ldap replication is going on or not in ubuntu?

  2. ls: cannot access /etc/openldap/slapd.d//cn=config/olcDatabase*.ldif: No such file or directory

    Replies
    1. slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d