backend provision samba4-ol-multimaster working

Andrew Bartlett abartlet at
Fri Aug 15 23:04:17 GMT 2008

On Fri, 2008-08-15 at 23:11 +0200, Oliver Liebel wrote:
> hi andrew,
> as you have said:
> > The biggest challenge will be making the
> > configuration completely general (ie, working for any number of
> > replicas). 
> here are the good news: i got the provision-backend script working with 
> (n) mmr-servers now, tested it with 4 ...


> the provisioning-backend script takes now --ol-mmr-urls=<list of (n) 
> whitespace-separated urls> as
> input, the urls are splitted internally; thanks to michael for the 
> "(none,*.split(' '))"-tip.
> i made use of all mmr-related pre-configured variables, but i didnt
> made it with templating. instead, the script generates 4 configs on the 
> fly with everything needed:
> - auto-generated server-ids with correspondig ldap-urls:<port>

Nicely done.

> - replica -blocks for all 3 subcontexts (schema|config|user) with 
> auto-generated rids, provider-dns, searchbases and binddns for every 
> mmr-node
> which are included into slapd.conf.

I would still really prefer it used the template system (rather than the
hand-pasted strings).  It makes it much easier to see the options that
can be modified, from the set of templates rather than deep in  

> if mmr is not chosen during setup, the confs are created empty with just 
> a comment line (### no mmr config active ###).
> so the include-statements dont cause any trouble.
> the advantage of the excluded confs is a more clearly structure of 
> slapd.conf,
> in particular when a high count of mmr-nodes has been set up.

This is also how I used to have the memberOf configuration.  I moved it
into the main file so that when I filed bugs with the OpenLDAP folks,
everything important was in a single file.  

I don't mind too much, but perhaps include it in the slapd.conf for now,
and we can move them both out as a separate patch?

> apropos high count of mmr-nodes:
> although its surely a nice feature to use (n) ol- (or fds-) server in 
> multimaster-setup
> configuration -  maybe we should mark with a little comment during 
> setup, that a
> high count of mmr-servers may (or better -will-) cause a lot of 
> additional traffic on the net.

How much?  What is the replication topology?

> phhh... think i got me a beer or two tomorrow, before i start with the 
> to-do list ;-)

You deserve it, you have done very well. 


Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team 
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list