openldap同步 syncrepl

ldap同步

环境 ：redhat 6.0 64位

selinux关闭，iptables刷掉

服务端

/etc/init.d/slapd stop                             确保服务端和客户端slapd服务全部停止

vi /etc/openldap/slapd.conf

 

moduleload syncprov.la 添加模块                模块路径位/usr/lib64/openldap   64位系统

#######################################################################
# ldbm and/or bdb database definitions
#######################################################################

database    bdb
suffix        "dc=westos.org"
checkpoint    1024 15
rootdn        "cn=Manager,dc=westos.org"
rootpw        westos
overlay syncprov                                          
syncprov-checkpoint 100 10
syncprov-sessionlog 100

access to *
        by dn.exact="cn=Manager,dc=westos.org" read
        by * none

scp /var/lib/ldap/* 192.168.0.10:/var/lib/ldap/  拷贝文件到客户端，在客户端要修改拷贝文件的所属人和所属组位ldap

客户端

 

 

启动服务端slapd服务，然后启动客户端slapd服务，完成，删除服务端的用户端，客户端也会同步到，完成！

 

vi /etc/openldap/slapd.conf

database    bdb
suffix        "dc=westos.org"
checkpoint    1024 15
rootdn        "cn=Manager,dc=westos.rog"
rootpw        westos

syncrepl rid=001
    provider=ldap://192.168.0.100:389
    type=refreshOnly
    searchbase="dc=westos.org"
    attrs=*
    schemachecking=off
    bindmethod=simple
    binddn="cn=Manager,dc=westos.org"
    credentials="westos"
    retry="60 +"
access to *
        by dn.exact="cn=Manager,dc=westos.org" read
        by * none