Syncrepl: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) (→Liniks) |
Thomas (Diskussion | Beiträge) |
||
| Zeile 2: | Zeile 2: | ||
==dump the config database to a text file== | ==dump the config database to a text file== | ||
*master:$ slapcat -F /etc/ldap/slapd.d -b cn=config -l config.ldif | *master:$ slapcat -F /etc/ldap/slapd.d -b cn=config -l config.ldif | ||
| + | =replicate account= | ||
| + | ==erstellen== | ||
| + | |||
| + | |||
==kopieren auch den slave== | ==kopieren auch den slave== | ||
*master:$ scp config.ldif slave: | *master:$ scp config.ldif slave: | ||
| + | |||
| + | cat admin.ldif | ||
| + | <pre> | ||
| + | dn: ou=admins,dc=linuggs,dc=de | ||
| + | objectClass: organizationalUnit | ||
| + | ou: admins | ||
| + | |||
| + | dn: uid=replicate,ou=admins,dc=linuggs,dc=de | ||
| + | cn: replicate | ||
| + | objectClass: posixAccount | ||
| + | objectClass: shadowAccount | ||
| + | objectClass: Account | ||
| + | objectClass: top | ||
| + | uid: replicate | ||
| + | uidNumber: 9001 | ||
| + | gidNumber: 9001 | ||
| + | homeDirectory: /home/replicate | ||
| + | loginShell: /bin/bash | ||
| + | </pre> | ||
| + | |||
=ldap slave= | =ldap slave= | ||
*slave:$ service slapd stop | *slave:$ service slapd stop | ||
Version vom 18. Dezember 2014, 15:53 Uhr
ldap master
dump the config database to a text file
- master:$ slapcat -F /etc/ldap/slapd.d -b cn=config -l config.ldif
replicate account
erstellen
kopieren auch den slave
- master:$ scp config.ldif slave:
cat admin.ldif
dn: ou=admins,dc=linuggs,dc=de
objectClass: organizationalUnit
ou: admins
dn: uid=replicate,ou=admins,dc=linuggs,dc=de
cn: replicate
objectClass: posixAccount
objectClass: shadowAccount
objectClass: Account
objectClass: top
uid: replicate
uidNumber: 9001
gidNumber: 9001
homeDirectory: /home/replicate
loginShell: /bin/bash
ldap slave
- slave:$ service slapd stop
anpassen der TLS parameter
config.ldif
olcTLSCACertificateFile: /etc/ldap/ssl/lin-ca.crt olcTLSCertificateFile: /etc/ldap/ssl/slave.linnugs.de.crt olcTLSCertificateKeyFile: /etc/ldap/ssl/slave.linuggs.de.key
einspielen der datenbank
- slave:$ rm -r /etc/ldap/slapd.d/*
- slave:$ slapadd -F /etc/ldap/slapd.d -b cn=config -l config.ldif
- slave:$ chown -R openldap.openldap /etc/ldap/slapd.d
- slave:$ service slapd start