Differences

This shows you the differences between two versions of the page.

docpublic:systemes:ldap:ldapc8reppartiel [2020/02/13 16:05]
procacci@tem-tsp.eu [replica]
docpublic:systemes:ldap:ldapc8reppartiel [2020/02/15 07:46] (current)
procacci@tem-tsp.eu [acl]
Line 7: Line 7:
   * https://www.vincentliefooghe.net/content/openldap-surveiller-et-contr%C3%B4ler-la-r%C3%A9plication   * https://www.vincentliefooghe.net/content/openldap-surveiller-et-contr%C3%B4ler-la-r%C3%A9plication
   * https://pratapsatve.wordpress.com/2017/11/11/replication-of-the-openldap-server/   * https://pratapsatve.wordpress.com/2017/11/11/replication-of-the-openldap-server/
 +  * https://linux.die.net/man/5/slapd.conf => syncrepl parameters
 +  * https://stackoverflow.com/questions/45161477/how-to-remove-all-records-from-ldap
  
 ===== package ltb-project ===== ===== package ltb-project =====
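Review bot: The second added link (the Stack Overflow question on removing all records from LDAP) carries no annotation, unlike the slapd.conf link, which is labelled "=> syncrepl parameters". Add a few words saying what it is used for on this page, since a bulk-delete recipe listed in a replication guide is easy to misapply without that context.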
Line 42: Line 44:
 # continue pour que repint puisse lire dans la replication son propre pass et pas seulement faire du auth  # continue pour que repint puisse lire dans la replication son propre pass et pas seulement faire du auth 
 # cf https://www.vincentliefooghe.net/content/les-acl-dans-openldap # cf https://www.vincentliefooghe.net/content/les-acl-dans-openldap
 +# finalement pas utile car pour etre self il faut d'abord etre authentifié ! 
 access to attrs=userPassword access to attrs=userPassword
         by self                                     auth continue         by self                                     auth continue
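Review bot: The added comment says the self clause turned out not to be useful, because a client must already be authenticated before it can match self, yet the `by self auth continue` line directly below it is left in place. Either drop that line here, as the rule at line 126 does, or reword the comment to say why the clause is kept. As it stands, the older comment two lines up still justifies `continue` as something repint needs, so the two comments contradict each other.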
Line 126: Line 129:
 # attribut userpassword, utile ici uniquement pour le compte DSA cn=rep # attribut userpassword, utile ici uniquement pour le compte DSA cn=rep
 access to attrs=userPassword access to attrs=userPassword
-        by self                                                 auth 
         by anonymous                                            auth         by anonymous                                            auth
         by dn="cn=rep,ou=dsa,dc=int,dc=fr"          read         by dn="cn=rep,ou=dsa,dc=int,dc=fr"          read
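Review bot: With `by self auth` removed, the comment above the rule still only says the attribute is useful for cn=rep and does not record why self was dropped. Add a line giving the reason (the same one as the comment added at line 44) so the two configurations are not later "fixed" back into agreement. The remaining clauses, auth for anonymous and then read for cn=rep, leave every other bound identity to slapd's implicit final `by * none`; writing that clause out would make the intent explicit.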
Line 162: Line 164:
  bindmethod=simple  bindmethod=simple
  retry="60 10 300 +"  retry="60 10 300 +"
 +                keepalive="240:10:30"
  binddn="cn=rep,ou=dsa,dc=int,dc=fr"  binddn="cn=rep,ou=dsa,dc=int,dc=fr"
         credentials="secretreplica"         credentials="secretreplica"
 updateref       ldaps://master.int.eu:636 updateref       ldaps://master.int.eu:636
 +</code>
 +
 +la liste des parametres syncrepl est dans le man slapd.conf
 +
 +<code>
 +    https://linux.die.net/man/5/slapd.conf
 +    
 +syncrepl rid=<replica ID> provider=ldap[s]://<hostname>[:port] searchbase=<base DN> [type=refreshOnly|refreshAndPersist] 
 +[interval=dd:hh:mm:ss] [retry=[<retry interval> <# of retries>]+] [filter=<filter str>] [scope=sub|one|base|subord] 
 +[attrs=<attr list>] [attrsonly] [sizelimit=<limit>] [timelimit=<limit>] [schemachecking=on|off] [network-timeout=<seconds>
 +[timeout=<seconds>] [bindmethod=simple|sasl] [binddn=<dn>] [saslmech=<mech>] [authcid=<identity>] [authzid=<identity>
 +[credentials=<passwd>] [realm=<realm>] [secprops=<properties>] [keepalive=<idle>:<probes>:<interval>] [starttls=yes|critical] 
 +[tls_cert=<file>] [tls_key=<file>] [tls_cacert=<file>] [tls_cacertdir=<path>] [tls_reqcert=never|allow|try|demand] 
 +[tls_ciphersuite=<ciphers>] [tls_crlcheck=none|peer|all] [logbase=<base DN>] [logfilter=<filter str>
 +[syncdata=default|accesslog|changelog] 
 </code> </code>
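Review bot: The syncrepl synopsis pasted into the new code block has lost three closing brackets, at `[network-timeout=<seconds>`, `[authzid=<identity>` and `[logfilter=<filter str>`; restore the `]` so each optional parameter is delimited as in the man page. The URL would sit better outside the code block, next to the sentence that introduces it. For the new `keepalive="240:10:30"`, a one-line comment mapping the three values to idle:probes:interval, as the synopsis names them, would save the next reader a lookup. The provider line is not visible in this hunk; since the block uses bindmethod=simple with credentials stored in the file, confirm that the provider is ldaps or that starttls=critical is set.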
  
docpublic/systemes/ldap/ldapc8reppartiel.1581609921.txt.gz · Last modified: 2020/02/13 16:05 by procacci@tem-tsp.eu