[Samba] LDAP backend replication?

nyali nauman.yousuf at gmail.com
Sun Apr 17 11:45:32 MDT 2011


hi jakov

I am using LDAP for my central authentication, with Kerberos using LDAP as its
backend database, plus Samba and a mail server (Postfix). All my servers are
running Debian etch with slapd 2.3. I use slurpd for replication to all my LDAP
slave servers; the master replicates to the slaves. Now I am upgrading all my
servers to lenny one by one. I upgraded my LDAP server to lenny first, and my
Kerberos and Postfix servers are all running fine on lenny, but the upgrade
brought slapd 2.4 onto my master server, and the slaves are no longer getting
replicated updates as they were with slurpd. I am changing them to syncrepl.
My master slapd.conf is:


# MD5SUM:
#
# Master (provider) slapd.conf as posted. The review notes below are comments only;
# no directive has been changed.
#
# "allow bind_v2" makes slapd accept LDAPv2 bind requests. Keep it only if a
# legacy client still needs it.
allow           bind_v2
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema
include         /etc/ldap/schema/hdb.schema
include         /etc/ldap/schema/qmail.schema
include         /etc/ldap/schema/ISPEnv2.schema
include         /etc/ldap/schema/samba.schema
include         /etc/ldap/schema/evolutionperson.schema
include         /etc/ldap/schema/sudo.schema

pidfile         /var/run/slapd/slapd.pid
argsfile        /var/run/slapd/slapd.args
# loglevel 0 disables logging, so neither replication sessions nor bind
# failures are recorded. While debugging replication, "loglevel sync" (or
# "stats sync") shows what the consumer asks for and what the provider answers.
loglevel        0

modulepath      /usr/lib/ldap
moduleload      back_bdb
moduleload      smbk5pwd.so
# syncprov is the provider side of syncrepl; it is loaded here and attached
# to the database below.
moduleload      syncprov.so


sizelimit 500
tool-threads 1

backend         bdb
database        bdb
# smbk5pwd keeps Samba and Kerberos password material in the directory, so
# anything that replicates this database carries those secrets too.
overlay         smbk5pwd
overlay         syncprov

suffix          "dc=example,dc=pk"
directory       "/var/lib/ldap"
checkpoint      128 5
dbconfig set_cachesize 0 2097152 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500

#syncprov-checkpoint 1 1
syncprov-checkpoint 100  10
syncprov-sessionlog 200
syncprov-nopresent TRUE
syncprov-reloadhint TRUE


#
# Indexes for BDB
#
index   objectClass,uid,uidNumber,gidNumber,memberUid   eq
index   cn                      eq,subinitial,pres
index   mail                    pres,eq
index   krb5PrincipalName,krb5PrincipalRealm pres,eq
index   sambaSID,sambaPrimaryGroupSID,sambaDomainName eq
index   sudoUser                                        eq
# entryCSN/entryUUID equality indexes are the ones syncrepl searches use.
index   entryCSN,entryUUID                      eq
lastmod         on

#
# SASL settings
#
sasl-realm      EXAMPLE.PK
sasl-host       hades.example.pk
# minssf=0 sets no minimum security strength factor, so SASL binds are
# accepted without an integrity or confidentiality layer.
sasl-secprops   minssf=0
# NOTE(review): the two sasl-regexp directives below each appear split over
# two lines, presumably by mail wrapping. In slapd.conf a continuation line
# must begin with whitespace; as shown, the second half would be read as a
# separate (unknown) directive. " at " in the second mapping looks like the
# list archive's rewriting of "@" - confirm against the real file.
# The second mapping gives local root on the peercred/EXTERNAL socket the
# example/admin Kerberos entry's identity.
sasl-regexp uid=(.*),cn=example.pk,cn=gssapi,cn=auth
uid=$1,ou=people,dc=example,dc=pk
sasl-regexp "gidnumber=0\\\+uidnumber=0,cn=peercred,cn=external,cn=auth"
"krb5PrincipalName=example/admin at example.pk,ou=kerberos,dc=example,dc=pk"

#
# Password hashes
#
#password-hash {K5KEY}

#
# TLS and SSL support
#
# Both TLS directives are commented out, so this server offers neither
# StartTLS nor ldaps. Simple binds, including the replication bind configured
# on the slave, and the replicated entries themselves then cross the network
# in cleartext. Enabling the certificate/key pair here is the prerequisite
# for protecting the syncrepl session.
#TLSCertificateFile      /etc/ssl/server-certs/hades-server.crt
#TLSCertificateKeyFile   /etc/ssl/server-keys/hades-server.key

#
# ACL Include file
#
# The ACLs are not shown. The DN the consumer binds as needs read access to
# every attribute it is meant to replicate (password attributes included);
# entries or attributes it cannot read are silently missing on the slave.
include /etc/ldap/slapd.access

#
# Define replication
#
# slapd 2.4 no longer ships slurpd, so the 2.3-style push directives have no
# effect here. With the syncprov overlay configured above, the provider needs
# no further replication directive in this section; the rest is configured on
# the consumers.


slave slapd.conf

# Consumer (slave) syncrepl stanza as posted. All notes are kept above the
# directive because slapd.conf joins continuation lines before it strips
# comments.
#
# Replication:
# - logbase/logfilter are delta-syncrepl parameters. They are only meaningful
#   together with syncdata=accesslog, and the master config in this post
#   loads no accesslog overlay and defines no cn=deltalog database. Either
#   drop both for plain syncrepl or set up accesslog on the provider.
# - No retry= is given, so check slapd.conf(5) for how this version behaves
#   after a failed or dropped connection.
# - provider= names hades.pk while the master's sasl-host is
#   hades.example.pk - confirm the name resolves to the master.
# - NOTE(review): "logfilter=" is shown at column 0 after a whitespace-only
#   line, presumably from mail wrapping. In the real file it must start with
#   whitespace to remain part of this syncrepl directive.
#
# Security:
# - bindmethod=simple over ldap:// sends the bind password and all replicated
#   data (Samba/Kerberos password material included) unencrypted. Once TLS is
#   enabled on the provider, add starttls=critical with tls_cacert=..., or
#   use an ldaps:// provider URL; a SASL/GSSAPI bind is another option since
#   Kerberos is already deployed.
# - binddn is cn=admin. A dedicated replication DN with read-only access
#   limits what a leaked consumer config exposes.
# - credentials= stores the password in cleartext in this file, so keep
#   slapd.conf readable only by the slapd user. "123" is presumably a
#   placeholder; a real replication account needs a strong password.
# - schemachecking=off means the consumer does not validate replicated
#   entries against its own schema.
syncrepl rid=1
  provider=ldap://hades.pk:389
    type=refreshAndPersist
            searchbase="dc=example,dc=pk"
                filter="(objectClass=*)"
                scope=sub
                schemachecking=off
                    bindmethod=simple
                        binddn="cn=admin,dc=example,dc=pk"
                            credentials=123
                          logbase="cn=deltalog"
                         
logfilter="(&(objectClass=auditWriteObject)(reqResult=0))"



Please help me find what I am missing.




