4 069
contributi
Implementare un'architettura ridondante master/slave OpenLDAP: differenze tra le versioni
Implementare un'architettura ridondante master/slave OpenLDAP (visualizza wikitesto)
Versione delle 18:06, 23 set 2008
, 23 set 2008→Lo slave server LDAP
| Riga 85: | Riga 85: | ||
===Lo slave server LDAP=== | ===Lo slave server LDAP=== | ||
Per lo slave server LDAP è sufficiente prendere il file originale di configurazione e aggiungere la sezione in '''grassetto''': | |||
<tt> | |||
: # Allow LDAPv2 binds | |||
: allow bind_v2 | |||
: # Schema and objectClass definitions | |||
: include /etc/ldap/schema/core.schema | |||
: include /etc/ldap/schema/cosine.schema | |||
: include /etc/ldap/schema/nis.schema | |||
: include /etc/ldap/schema/inetorgperson.schema | |||
: include /etc/ldap/schema/samba.schema | |||
: pidfile /var/run/slapd/slapd.pid | |||
: argsfile /var/run/slapd/slapd.args | |||
: '''loglevel sync''' | |||
: modulepath /usr/lib/ldap | |||
: moduleload back_bdb | |||
: sizelimit 500 | |||
: tool-threads 1 | |||
: backend bdb | |||
: checkpoint 512 30 | |||
: database bdb | |||
: suffix "dc=dominio,dc=local" | |||
: rootdn "cn=admin,dc=dominio,dc=local" | |||
: rootpw "password" | |||
: directory "/var/lib/ldap" | |||
: dbconfig set_cachesize 0 2097152 0 | |||
: dbconfig set_lk_max_objects 1500 | |||
: dbconfig set_lk_max_locks 1500 | |||
: dbconfig set_lk_max_lockers 1500 | |||
: index objectClass eq | |||
: index uid,uidNumber,gidNumber,memberUid eq | |||
: index cn,mail,surname,givenname eq,subinitial | |||
: index sambaSID eq | |||
: index sambaPrimaryGroupSID eq | |||
: index sambaDomainName eq | |||
: lastmod on | |||
: access to attrs=userPassword,shadowLastChange,sambaLMPassword,sambaNTPassword | |||
: by dn="cn=admin,dc=dominio,dc=local" write | |||
: by anonymous auth | |||
: by self write | |||
: by * none | |||
: access to dn.base="" by * read | |||
: access to * | |||
: by dn="cn=admin,dc=dominio,dc=local" write | |||
: by * read | |||
: '''syncrepl rid=1''' | |||
: '''provider=ldap://INDIRIZZO.IP.DEL.MASTER:389''' | |||
: '''type=refreshAndPersist''' | |||
: '''searchbase=”dc=dominio,dc=local” | |||
: '''filter=”(objectClass=*)”''' | |||
: '''scope=sub''' | |||
: '''schemachecking=off''' | |||
: '''bindmethod=simple''' | |||
: '''binddn=”uid=replicant,ou=Users,dc=dominio,dc=local”''' | |||
: '''credentials=ReplicantPassword''' | |||