Hello Tian, You could use:
-On the master: # cn\=config.ldif olcServerID: 001 ldap://ldap01.example.com # cn\=config/olcDatabase\=\{1\}hdb.ldif: olcSyncrepl: {0}rid=001 provider=ldap://ldap01.example.com binddn="cn=admin,dc=example,dc=com" bindmethod=simple credentials=secret searchbase="dc=example,dc=com" type=refreshAndPersist interval=00:00:00:10 retry="5 5 100 +" timeout=3 olcSyncrepl: {1}rid=002 provider=ldap://ldap02.example.com binddn="cn=admin,dc=example,dc=com" bindmethod=simple credentials=secret searchbase="dc=example,dc=com" type=refreshAndPersist interval=00:00:00:10 retry="5 5 100 +" timeout=3 olcSyncrepl: {2}rid=003 provider=ldap://ldap03.example.com binddn="cn=admin,dc=example,dc=com" bindmethod=simple credentials=secret searchbase="dc=example,dc=com" type=refreshAndPersist interval=00:00:00:10 retry="5 5 100 +" timeout=3 olcSyncrepl: {3}rid=004 provider=ldap://ldap04.example.com binddn="cn=admin,dc=example,dc=com" bindmethod=simple credentials=secret searchbase="dc=example,dc=com" type=refreshAndPersist interval=00:00:00:10 retry="5 5 100 +" timeout=3 olcMirrorMode: TRUE -On one of the consumers: cn\=config.ldif olcServerID: 002 ldap://ldap02.example.com #cn\=config/olcDatabase\=\{1\}hdb.ldif olcSyncrepl: {0}rid=002 provider=ldap://ldap02.example.com binddn="cn=admin,dc=example,dc=com" bindmethod=simple credentials=secret searchbase="dc=example,dc=com" type=refreshAndPersist interval=00:00:00:10 retry="5 5 100 +" timeout=3 olcSyncrepl: {1}rid=001 provider=ldap://ldap01.example.com binddn="cn=admin,dc=example,dc=com" bindmethod=simple credentials=secret searchbase="dc=example,dc=com" type=refreshAndPersist interval=00:00:00:10 retry="5 5 100 +" timeout=3 olcMirrorMode: TRUE Like that, it works perfectly. Librement, ------ Francois Trachez (kiko) Team Fedora|Lyon (France) http://stg.fedoraproject.org/fr/ http://stg.fedoraproject.org/es/ 2013/2/28 Tian Zhiying <tianzy1...@thundersoft.com> > ** > Hi, Clément > > “The referal must be managed by the client. If not, configure your client > to access to master directly.” Sorry, I don't understand. > Can be a little more detail. > > The following is my configuration,any problem? > Master Configuration: > allow bind_v2 > pidfile /var/run/openldap/slapd.pid > argsfile /var/run/openldap/slapd.args > access to * > by * write > database bdb > suffix "dc=domain,dc=com" > rootdn "cn=root,dc=domain,dc=com" > overlay ppolicy > rootpw {SSHA}DyNIn6rweGRnQP0ntGaZxynMllSA3/w4 > directory /var/lib/ldap > index objectClass eq,pres > index ou,cn,mail,surname,givenname eq,pres,sub > index uidNumber,gidNumber,loginShell eq,pres > index uid,memberUid eq,pres,sub > index nisMapName,nisMapEntry eq,pres,sub > replogfile /var/lib/ldap/openldap-master-replog > loglevel 4095 > replica host=192.168.70.15:389 > binddn="cn=sa,dc=domain,dc=com" > bindmethod=simple credentials=miao3p > > > Slave Configuration: > allow bind_v2 > pidfile /var/run/openldap/slapd.pid > argsfile /var/run/openldap/slapd.args > access to * > by * write > database bdb > suffix "dc=domain,dc=com" > rootdn "cn=root,dc=domain,dc=com" > overlay ppolicy > rootpw {SSHA}sgBwprgmRciOEGTLjE5K9J22msm+U9NW > directory /var/lib/ldap > index objectClass eq,pres > index ou,cn,mail,surname,givenname eq,pres,sub > index uidNumber,gidNumber,loginShell eq,pres > index uid,memberUid eq,pres,sub > index nisMapName,nisMapEntry eq,pres,sub > updatedn "cn=sa,dc=domain,dc=com" > updateref ldap://192.168.100.11:389 > > > ------------------------------ > Tian Zhiying > > *From:* Clément OUDOT <clem.ou...@gmail.com> > *Date:* 2013-02-28 17:33 > *To:* tianzy1225 <tianzy1...@thundersoft.com> > *CC:* ltb-users <ltb-users@lists.ltb-project.org> > *Subject:* Re: Re: [Ltb-users] OpenLDAP slave-master synchronization > problem > > > 2013/2/28 Tian Zhiying <tianzy1...@thundersoft.com> > >> ** >> Hi, Clément >> >> "Updateref" can not return clients requests to master server? Now I had >> configred it, but when I modify the entries, result a error: >> >> > > > The referal must be managed by the client. If not, configure your client > to access to master directly. > > Clément. > > _______________________________________________ > ltb-users mailing list > ltb-users@lists.ltb-project.org > http://lists.ltb-project.org/listinfo/ltb-users > >
_______________________________________________ ltb-users mailing list ltb-users@lists.ltb-project.org http://lists.ltb-project.org/listinfo/ltb-users
