Hi all,

I have many LDAP Servers, which are 389 LDAP Servers, on different networks. So I want to merge them into one server.

Could someone give some suggestions?

Thanks in advance...
Devin Reade
2011-Apr-22 06:10 UTC
[CentOS] How to merge many LDAP Servers to the One Server
sync <jiannma at gmail.com> wrote:

> I have many LDAP Servers, which are 389 LDAP Servers, on different networks.
> So I want to merge them into one server.
>
> Could someone give some suggestions?

Really broad strokes:

This can work if:

- All the servers you're trying to merge are using consistent schema. If they're not, it's a lost cause.
- The existing servers are serving different parts of the DIT hierarchy, and that there is no overlap.

First of all, I wouldn't go down to a single server. As a minimum have one slave, or doing maintenance on your LDAP server will bring down many network services unnecessarily (as would an unplanned outage). If you have satellite offices, at least one replica per site (preferably two) is good.

The easiest way to do it is to prepare your new master, then dump the ldif from each of your old masters, then load those into the new master. Make sure you have schema checking turned on. Then configure your new replicas to use the new master. Then cut over your clients. Add in suitable testing at all stages.

If you have different administrative requirements for the different parts of the DIT, configure your ACLs before you import the ldif into the new master.

Detailed explanations available at my standard consulting rates ;) (Just joking, I don't have the spare cycles right now.)

Devin
--
I got food poisoning today. I don't know when I'll use it.
 - Stephen Wright
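
Added example, not part of the original reply: a pre-import check for the "no overlap" condition, run over the LDIF dumps taken from each old master before anything is loaded into the new one. The server names, sample entries and function names are constructed for illustration, and DN normalization is simplified (it assumes no escaped commas inside values).

```python
import base64
from collections import defaultdict

def normalize_dn(dn):
    # Simplified normalization: case-fold and drop spaces around RDN commas.
    # Assumption: no escaped commas inside attribute values.
    return ",".join(part.strip().lower() for part in dn.split(","))

def entry_dns(ldif_text):
    """Yield the normalized DN of each entry in an LDIF dump."""
    # LDIF folds long lines; a continuation line starts with one space.
    unfolded = ldif_text.replace("\r\n", "\n").replace("\n ", "")
    for line in unfolded.split("\n"):
        if line.lower().startswith("dn::"):      # base64-encoded DN
            yield normalize_dn(base64.b64decode(line[4:].strip()).decode("utf-8"))
        elif line.lower().startswith("dn:"):
            yield normalize_dn(line[3:])

def find_overlaps(dumps):
    """dumps maps server name -> LDIF text; returns DNs held by more than one server."""
    holders = defaultdict(set)
    for server, text in dumps.items():
        for dn in entry_dns(text):
            holders[dn].add(server)
    return {dn: sorted(s) for dn, s in holders.items() if len(s) > 1}

# Constructed sample dumps (hypothetical servers "site-a" and "site-b").
SITE_A = """dn: dc=example,dc=com
objectClass: domain

dn: ou=People,dc=example,dc=com
objectClass: organizationalUnit

dn: uid=alice,ou=People,dc=example,dc=com
objectClass: inetOrgPerson
"""
SITE_B = """dn: OU=People, DC=example, DC=com
objectClass: organizationalUnit

dn: uid=bob,ou=People,dc=exa
 mple,dc=com
objectClass: inetOrgPerson

dn:: """ + base64.b64encode(b"uid=alice,ou=People,dc=example,dc=com").decode() + """
objectClass: inetOrgPerson
"""

if __name__ == "__main__":
    for dn, servers in find_overlaps({"site-a": SITE_A, "site-b": SITE_B}).items():
        print(f"OVERLAP {dn}: {', '.join(servers)}")
```

Any DN reported here exists on more than one old master and has to be reconciled by hand before the import, since the two copies may carry different attributes or passwords.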