LDAP replication

Configuring slurpd and a slave slapd instance

To bring up a replica slapd instance, you must configure the master and slave slapd instances for replication, then shut down the master slapd so you can copy the database. Finally, you bring up the master slapd instance, the slave slapd instance, and the slurpd instance. These steps are as follows (you can set up as many slave slapd instances as you wish):

  1. Set up the master slapd. Be sure that the slapd instance is working properly before proceeding. Be sure to do the following in the master slapd configuration file:

    1. Add a replica directive for each replica. The binddn parameter should match the updatedn option in the corresponding slave slapd configuration file, and should name an entry with write permission to the slave database (for example, an entry listed as rootdn, or allowed access via access directives in the slave slapd configuration file).

    2. Add a replogfile directive, which tells slapd where to log changes. This file will be read by slurpd.

  2. Set up the slave slapd

    Install the slapd software on the host which is to be the slave slapd server. The configuration of the slave server should be identical to that of the master, with the following exceptions:

  3. Shut down the master slapd

    In order to ensure that the slave starts with an exact copy of the master's data, you must shut down the master slapd. Do this by sending the master slapd process an interrupt signal with kill -TERM pid, where pid is the process ID of the master slapd process.

    If you like, you may restart the master slapd in read-only mode while you are replicating the database. During this time, the master slapd will return an unwilling to perform error to clients that attempt to modify data.

  4. Copy the master slapd's database to the slave

    Copy the master's database(s) to the slave. For an LDBM-based database, you must copy all index files as well as the NEXTID file. Index files will have a different suffix depending on the underlying database package used. The current possibilities are as follows:

    dbb
    Berkeley DB B-tree backend

    dbh
    Berkeley DB hash backend

    You should copy all files with such a suffix that are located in the index directory specified in your slapd configuration file.

  5. Configure the master slapd for replication

    To configure slapd to generate a replication logfile, you add a replica configuration option to the master slapd's configuration file. For example, if we wish to propagate changes to the slapd instance running on host caymen.rs.itd.antbear.com: 

       replica    host=cayman.rs.itd.antbear.com:389
              binddn="cn=Replicator, o=Antbear, Lucid & Popp, c=US"
              bindmethod=simple credentials=secret
    In this example, changes will be sent to port 389 (the standard LDAP port) on host cayman. The slurpd process will bind to the slave slapd as ``cn=Replicator, o=Antbear, Lucid & Popp, c=US'', using simple authentication with password secret. Note that the entry given by the binddn directive must exist in the slave slapd's database (or be the rootdn specified in the slapd configuration file) in order for the bind operation to succeed.

  6. Restart the master slapd and start the slave slapd

    Restart the master slapd process. To check that it is generating replication logs, perform a modification of any entry in the database, and check that data has been written to the log file.

  7. Start slurpd

    Start the slurpd process. slurpd should immediately send the test modification you made to the slave slapd. Watch the slave slapd's logfile to be sure that the modification was sent. 

       slurpd -f masterslapdconfigfile
© 1999 The Santa Cruz Operation, Inc. All rights reserved.
UnixWare 7 Release 7.1.1 - 5 November 1999