Ldap Replication: how and when?

Tomasz Chmielewski mangoo at mch.one.pl
Mon Oct 3 21:41:48 CEST 2005 

Fabio Pietrosanti schrieb:
> Hi,
> 
> Are there some way to "force" a replica from the master ldap server to a
> slave one?
> 
> i'm setting up a quite complex and distributed kolab infrastructure.
> There are dedicated smtp servers, dedicated antivirus, dedicated mail
> backend in HA, dedicated ldap server in HA, dedicated web frontend,
> dedicated imap proxy (perdition).
> 
> Kolab doesn't support nativelly the separation of it's own components
> but modifying configuration files along with some php scripts seems to
> make it working.
> 
> I installed the redundant ldap servers as a master kolab server, then
> every other components (smtp, antivirus, mailbackend, frontend,
> imaproxy) as a slave kolab servers.
> I modified rc.conf to have only the needed services started on boot.
> 
> I'm happy to have every components that talks to local ldap cache (smtp
> server do their query to local ldap cache for example), however during
> tests i had to manage a desyncronization of ldap replica.
> 
> One of the smtp server stopped receiving  ldap replicas and i cannot
> find a way to have them resync with the master ldap server.
> 
> Are there some way to "force" a replica from the master ldap server to a
> slave one?

AFAIK, there is no way to "force a replica".
Having said that, although I don't understand your setup a bit, 
replication should be handled automatically, including error handling 
such as loss of connectivity.

I have couple of OpenLDAP master - slave setups, including ones having 
30 slaves; they conect over WAN/VPN (with ADSL sometimes failing for 
several hours), no problems so far.

When master can't connect to a slave, it will retry later - so unless 
you have severe network problems which last more then a couple of days, 
it should recover automatically.


If you have the same (or similar) versions of OpenLDAP on a master and a 
slave (which is desynchronized), simply stopping OpenLDAP on a master, 
copying the database to a slave (with OpenLDAP stopped on a slave) 
should do the job for you.


Of couse, double check your config, network setup on a slave in 
question, then check for example with iptraf (on a slave and on th 
master) if packets go both ways when you modify something on a slave etc.


If you have more questions (including where to find which slaves are in 
sync, how to find it etc.) you will have more luck on OpenLDAP user list.


-- 
Tomek
http://wpkg.org
WPKG - software deployment and upgrades with Samba

More information about the users mailing list