Wednesday, May 21, 2008

Replicate OpenLDAP Servers

In this exercise, you configure LDAP replication with your neighbor.
You use a new LDAP entry
"uid=replicator,dc=digitalairlines,dc=com" with password "novell"
for replication.
In Part V, you change the surname of user kbailey from "Bailey" to
"Smith". You do this on the master to see whether the replication works correctly.
Do the following:

■ Part I - Add the Replicator DN to the Master’s LDAP Directory
■ Part II - Configure the LDAP Master Server
■ Part III - Configure the LDAP Client Server
■ Part IV - Copy the Database and Start the Servers
■ Part V - Test Replication

Part I - Add the Replicator DN to the Master’s LDAP Directory
1. To add the new LDAP entry on the master, create a new LDIF file by entering
vi replicator.ldif
2. Enter the following lines
dn: uid=replicator,dc=digitalairlines,dc=com
objectClass: inetOrgPerson
uid: replicator
cn: LDAP Replicator
sn: Replicator
You can also copy the file exercises/section_3/replicator.ldif from the Course DVD.
3. Save the file and exit by entering :wq.
4. Add the entry to the LDAP directory by entering (all on one line)
ldapadd -x -D "cn=Administrator,dc=digitalairlines,dc=com" -W -f replicator.ldif

5. To set a password for the replicator, enter (all on one line)
ldappasswd -x -D "cn=Administrator,dc=digitalairlines,dc=com" -W -S "uid=replicator,dc=digitalairlines,dc=com"

6. Enter novell twice as the new password.
7. Enter the administrator password (also novell) to set the password.
The password novell is a classroom placeholder. In Part III the replicator DN is given write access to the whole slave directory, so outside this exercise give it a strong, unique password.

Part II - Configure the LDAP Master Server
1. On the master, stop your LDAP server by entering rcldap stop.
2. Open the file /etc/openldap/slapd.conf by entering
vi /etc/openldap/slapd.conf
3. In the database section of the directory to be replicated (after the database and suffix lines), specify the file in which slapd logs the changes that slurpd ships to the replica by adding the line
replogfile /var/lib/ldap/master-slapd.replog
4. In the same section, specify the replication host (all on one line)
replica uri=ldap://slave_ip:389 binddn="uid=replicator,dc=digitalairlines,dc=com" bindmethod=simple credentials=novell
slave_ip is the IP address of your neighbor's computer.
Note that the replicator password is stored in cleartext in slapd.conf and, with bindmethod=simple over plain ldap://, is also sent in cleartext to the slave with every update. Keep slapd.conf readable only by root and the user slapd runs as, and outside this exercise use ldaps:// or add starttls=critical to the replica directive. replogfile, replica and slurpd exist in OpenLDAP 2.3 and earlier; OpenLDAP 2.4 removed slurpd in favor of syncrepl.
5. Save the file and exit by entering :wq.

Part III - Configure the LDAP Client Server
1. On the slave (the "client server"), stop your LDAP server by entering rcldap stop.
2. Open the file /etc/openldap/slapd.conf by entering
vi /etc/openldap/slapd.conf
3. In the database section of the replicated directory, add the following lines
updatedn "uid=replicator,dc=digitalairlines,dc=com"
updateref ldap://master_ip

master_ip is the IP address of your neighbor's computer. updatedn names the only DN allowed to write to this replica; it must match the binddn in the master's replica directive exactly. updateref is the referral returned to any other client that tries to modify the slave, pointing it at the master.
4. Change the following access rule
access to *
by * read
to
access to *
by dn="uid=replicator,dc=digitalairlines,dc=com" write
by * read
The replicator clause must come before by * read: the by clauses of an access rule are evaluated in order and the first one that matches decides. Without write access for the updatedn, slurpd's updates are refused by the slave and end up in its reject file.
5. Save the file and exit by entering :wq.
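The master's replica directive (Part II) and the slave's updatedn and access rule (Part III) are written on two different machines by two different people, and a replicator DN that does not match exactly, a forgotten replogfile or an ACL that still only grants read are the usual reasons the replication in Part V never shows up. The script below is an added example, not part of the course material or of OpenLDAP: it flattens both slapd.conf files (joining continuation lines), compares the binddn against the updatedn, checks for replogfile, updateref and a write clause for the replicator, and warns when simple-bind credentials would travel over plain ldap://. It assumes OpenLDAP 2.3-style slapd.conf syntax; the file names and the sample configs it writes (the course's own values with slave_ip and master_ip left as placeholders) are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the course): cross-check a master slapd.conf against
# a slave slapd.conf for slurpd replication before starting the servers.
# Assumes OpenLDAP 2.3 directives: replogfile/replica on the master,
# updatedn/updateref and an access rule on the slave.

# Print a slapd.conf with comments removed and continuation lines (leading
# whitespace) joined onto the directive they belong to.
flatten_conf() {
    awk '
        /^#/      { next }
        /^[ \t]+/ { sub(/^[ \t]+/, ""); buf = buf " " $0; next }
                  { if (buf != "") print buf; buf = $0 }
        END       { if (buf != "") print buf }
    ' "$1"
}

# Normalise a DN for comparison: drop quotes and spaces around commas, fold
# case (DN attribute types and the values used here are case-insensitive).
norm_dn() {
    printf '%s' "$1" | tr -d '"' \
        | sed 's/[[:space:]]*,[[:space:]]*/,/g; s/^[[:space:]]*//; s/[[:space:]]*$//' \
        | tr 'A-Z' 'a-z'
}

# opt_value LINE KEY: the KEY=value option of a flattened replica directive,
# accepting both the quoted ("...") and the bare form.
opt_value() {
    printf '%s\n' "$1" | awk -v key="$2" '
        {
            n = index($0, " " key "=")
            if (n == 0) exit
            rest = substr($0, n + length(key) + 2)
            if (substr(rest, 1, 1) == "\"") {
                rest = substr(rest, 2)
                rest = substr(rest, 1, index(rest, "\"") - 1)
            } else {
                sub(/[ \t].*/, "", rest)
            }
            print rest
        }'
}

# check_replication_pair MASTER_CONF SLAVE_CONF
# Prints one line per finding. Returns 0 unless an error was found; the
# "note:" line about the stored password is informational only.
check_replication_pair() {
    master=$(flatten_conf "$1"); slave=$(flatten_conf "$2"); rc=0

    printf '%s\n' "$master" | grep -Eq '^replogfile[[:space:]]' \
        || { echo "master: no replogfile directive; slurpd has no change log to ship"; rc=1; }

    replica=$(printf '%s\n' "$master" | grep -E '^replica[[:space:]]' | head -n 1)
    if [ -z "$replica" ]; then
        echo "master: no replica directive"; rc=1
    else
        binddn=$(norm_dn "$(opt_value "$replica" binddn)")
        case "$(opt_value "$replica" uri)" in
            ldaps://*) ;;
            *) printf '%s\n' "$replica" | grep -Eq ' starttls=(yes|critical)' \
                   || { echo "master: simple bind over plain ldap://; the replicator password crosses the wire in cleartext"; rc=1; } ;;
        esac
        [ -n "$(opt_value "$replica" credentials)" ] \
            && echo "note: replicator password is stored in $1; keep the file readable by root only"
    fi

    updatedn=$(norm_dn "$(printf '%s\n' "$slave" | awk '$1 == "updatedn" { sub(/^updatedn[ \t]+/, ""); print; exit }')")
    if [ -z "$updatedn" ]; then
        echo "slave: no updatedn directive"; rc=1
    elif [ -n "$replica" ] && [ "$updatedn" != "$binddn" ]; then
        echo "mismatch: master binddn '$binddn' vs slave updatedn '$updatedn'"; rc=1
    fi

    printf '%s\n' "$slave" | grep -Eq '^updateref[[:space:]]+ldaps?://' \
        || { echo "slave: no updateref; clients writing to the slave get no referral to the master"; rc=1; }

    # Only the plain dn="..." write form is recognised, which is what the exercise uses.
    if [ -n "$updatedn" ]; then
        printf '%s\n' "$slave" | tr 'A-Z' 'a-z' | grep -E '^access[[:space:]]' \
            | grep -q "by dn=\"$updatedn\" write" \
            || { echo "slave: no access rule grants write to $updatedn"; rc=1; }
    fi
    return $rc
}

# Constructed sample configs with the course's values, so the check runs offline.
write_samples() {
    cat > "$1/master.conf" <<'EOF'
database bdb
suffix "dc=digitalairlines,dc=com"
replogfile /var/lib/ldap/master-slapd.replog
replica uri=ldap://slave_ip:389
        binddn="uid=replicator,dc=digitalairlines,dc=com"
        bindmethod=simple credentials=novell
EOF
    cat > "$1/slave.conf" <<'EOF'
database bdb
suffix "dc=digitalairlines,dc=com"
updatedn "uid=replicator,dc=digitalairlines,dc=com"
updateref ldap://master_ip
access to *
        by dn="uid=replicator,dc=digitalairlines,dc=com" write
        by * read
EOF
}

tmp=$(mktemp -d)
write_samples "$tmp"
check_replication_pair "$tmp/master.conf" "$tmp/slave.conf"
echo "exit status: $?"
rm -rf "$tmp"
```

Run against the course's own values the check reports exactly one error, the cleartext simple bind over ldap://, and exits 1; switching the replica uri to ldaps:// makes it pass. Run it with your real files (check_replication_pair /etc/openldap/slapd.conf slave-slapd.conf, after fetching the neighbor's copy) before Part IV.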

Part IV - Copy the Database and Start the Servers
1. With slapd stopped on both servers, enter on the master
scp -r /var/lib/ldap/ host:/var/lib/ldap/
Replace host with the host name of the slave server.
2. Enter novell when prompted for a password.
Then check on the slave that the copied database files belong to the user slapd runs as (on SUSE, ldap), for example with ls -l /var/lib/ldap: files copied as root are owned by root, and a slapd started as the ldap user cannot open them.
3. On both servers, start slapd by entering rcldap start.
4. On the master, start slurpd by entering rcslurpd start.

Part V - Test Replication
1. To change some user information on the master, create a new
LDIF file by entering
vi change.ldif
2. Enter the following lines
dn: uid=kbailey,ou=people,dc=digitalairlines,dc=com
changetype: modify
replace: cn
cn: Kate Smith
-
replace: sn
sn: Smith

The changetype and replace lines state the operation explicitly instead of relying on ldapmodify's default of treating bare attribute lines as replacements. You can also copy the file exercises/section_3/change.ldif from the Course DVD.
3. Save the file and exit by entering :wq.
4. To change the LDAP information, enter (all on one line)
ldapmodify -x -D "cn=Administrator,dc=digitalairlines,dc=com" -W -f change.ldif

5. On the master and slave enter
ldapsearch -x "uid=kbailey"
This relies on the search base being set with BASE in /etc/openldap/ldap.conf; otherwise add -b dc=digitalairlines,dc=com. Both servers should return sn: Smith. slurpd pushes the change asynchronously, so repeat the search on the slave if the old value still shows; if it never arrives, check slurpd's reject file and the log on the master.
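Because slurpd ships the change some time after ldapmodify returns, a single ldapsearch on the slave can race the update and show the old surname even though replication is working. The script below is an added example, not part of the course and not an OpenLDAP tool: it fetches the entry from both servers, brings both LDIF copies into a canonical form (folded lines joined, base64 values decoded, attributes sorted) so they can be compared textually, and polls the slave until its copy equals the master's or a timeout expires. The base DN, the use of -H to address each server, the anonymous bind and the timeout are assumptions made for this exercise.

```shell
#!/bin/sh
# Added example (not from the course): wait until a slave has received the
# change made on the master in Part V. Hosts, base DN and timeout are
# assumptions for the exercise.
LDAP_BASE=${LDAP_BASE:-dc=digitalairlines,dc=com}

# Reduce LDIF read on stdin to a canonical form so two copies of one entry can
# be compared as text: comments and blank lines dropped, folded continuation
# lines (leading space) joined, base64 values ("attr:: ...") decoded, and the
# attribute lines sorted.
canon_ldif() {
    awk '
        /^#/ || /^$/ { next }
        /^ /         { buf = buf substr($0, 2); next }
                     { if (buf != "") print buf; buf = $0 }
        END          { if (buf != "") print buf }
    ' | while IFS= read -r line; do
        case "$line" in
            *'::'*) v=${line#*::}; v=${v# }
                    printf '%s: %s\n' "${line%%::*}" "$(printf '%s' "$v" | base64 -d)" ;;
            *)      printf '%s\n' "$line" ;;
        esac
    done | sort
}

# entries_match WANT_LDIF GOT_LDIF: returns 0 if both describe the same entry.
entries_match() {
    [ "$(printf '%s\n' "$1" | canon_ldif)" = "$(printf '%s\n' "$2" | canon_ldif)" ]
}

# fetch_entry HOST FILTER: the matching entry from HOST as LDIF, using an
# anonymous simple bind (-x) as in the exercise; -LLL strips the version line
# and comments.
fetch_entry() {
    ldapsearch -x -LLL -H "ldap://$1" -b "$LDAP_BASE" "$2"
}

# wait_for_sync MASTER SLAVE FILTER [TIMEOUT_SECONDS]
# Returns 0 once the slave's copy equals the master's; 1 on timeout, after
# printing the remaining difference (then look at slurpd's reject file and its
# log on the master); 2 if the entry does not exist on the master.
wait_for_sync() {
    master=$1; slave=$2; filter=$3; timeout=${4:-30}
    deadline=$(( $(date +%s) + timeout ))
    want=$(fetch_entry "$master" "$filter")
    [ -n "$want" ] || { echo "no entry matching $filter on master $master"; return 2; }
    while :; do
        got=$(fetch_entry "$slave" "$filter")
        if entries_match "$want" "$got"; then
            echo "slave $slave is in sync for $filter"; return 0
        fi
        if [ "$(date +%s)" -ge "$deadline" ]; then
            echo "slave $slave still differs from master $master after ${timeout}s:"
            w=$(mktemp); g=$(mktemp)
            printf '%s\n' "$want" | canon_ldif > "$w"
            printf '%s\n' "$got"  | canon_ldif > "$g"
            diff "$w" "$g"; rm -f "$w" "$g"
            return 1
        fi
        sleep 2
    done
}

# Usage: sh check_sync.sh master_ip slave_ip '(uid=kbailey)' [timeout_seconds]
if [ $# -ge 3 ]; then wait_for_sync "$@"; fi
```

Run it right after the ldapmodify in step 4 with the master's and slave's addresses; it exits 0 as soon as the slave returns the same entry, and on a timeout prints a diff of the two canonical copies, which is the quickest way to see whether an attribute is missing or merely stale. Decoding base64 matters for readability of that diff: ldapsearch emits non-ASCII values such as names with umlauts in "attr:: " form.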
