openldap同步 syncrepl

时间 2020-02-16

标签 openldap 同步 syncrepl 栏目 Unix 繁體版

原文原文链接

ldap同步linux

环境：redhat 6.0 64位session

selinux关闭，iptables刷掉ide

服务端spa

/etc/init.d/slapd stop 确保服务端和客户端slapd服务所有中止ip

vi /etc/openldap/slapd.conf同步

moduleload syncprov.la 添加模块模块路径位/usr/lib64/openldap 64位系统it

#######################################################################
# ldbm and/or bdb database definitions
#######################################################################io

database    bdb
suffix        "dc=westos.org"
checkpoint    1024 15
rootdn        "cn=Manager,dc=westos.org"
rootpw        westos
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100table

access to *
by dn.exact="cn=Manager,dc=westos.org" read
by * noneclass

scp /var/lib/ldap/* 192.168.0.10:/var/lib/ldap/ 拷贝文件到客户端，在客户端要修改拷贝文件的所属人和所属组位ldap

客户端

启动服务端slapd服务，而后启动客户端slapd服务，完成，删除服务端的用户端，客户端也会同步到，完成！

vi /etc/openldap/slapd.conf

database    bdb
suffix        "dc=westos.org"
checkpoint    1024 15
rootdn        "cn=Manager,dc=westos.rog"
rootpw        westos

syncrepl rid=001
    provider=ldap://192.168.0.100:389
    type=refreshOnly
    searchbase="dc=westos.org"
    attrs=*
    schemachecking=off
    bindmethod=simple
    binddn="cn=Manager,dc=westos.org"
    credentials="westos"
    retry="60 +"
access to *         by dn.exact="cn=Manager,dc=westos.org" read         by * none