source: n4d-ldap/trunk/fuentes/replication/fichero_con_ssl_sin_rq @ 149

Last change on this file since 149 was 149, checked in by hectorgh, 4 years ago

adding project files

File size: 7.8 KB
Line 
1========================
2Pasos en el servidor
3========================
4cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
5dn: cn=config
6changetype: modify
7add: olcServerID
8olcServerID: 254
9EOF
10
11cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
12dn: cn=module{0},cn=config
13changetype: modify
14add: olcModuleLoad
15olcModuleLoad: {1}syncprov.la
16EOF
17
18cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
19dn: olcDatabase={0}config,cn=config
20changetype: modify
21add: olcRootPW
22olcRootPW: lliurex123
23EOF
24
25========================
26Pasos en el esclavo
27========================
28
29cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
30dn: cn=config
31changetype: modify
32add: olcServerID
33olcServerID: 1
34EOF
35
36cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
37dn: cn=module{0},cn=config
38changetype: modify
39add: olcModuleLoad
40olcModuleLoad: {1}syncprov.la
41EOF
42
43cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
44dn: olcDatabase={0}config,cn=config
45changetype: modify
46add: olcRootPW
47olcRootPW: lliurex123
48EOF
49
50================================================
51Pasos en los dos
52===============================================
53
54cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
55dn: cn=config
56changetype: modify
57replace: olcServerID
58olcServerID: 254 ldap://10.3.0.254/
59olcServerID: 1 ldap://10.3.0.1/
60EOF
61
62cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
63dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config
64changetype: add
65objectClass: olcOverlayConfig
66objectClass: olcSyncProvConfig
67olcOverlay: syncprov
68EOF
69
70cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
71dn: olcDatabase={0}config,cn=config
72changetype: modify
73replace: olcSyncRepl
74olcSyncRepl: rid=254 provider=ldap://10.3.0.254/ binddn="cn=config"
75  bindmethod=simple credentials=lliurex123
76  searchbase="cn=config" type=refreshAndPersist
77  retry="5 5 300 5" timeout=1 schemachecking=off
78  tls_reqcert=never
79olcSyncRepl: rid=001 provider=ldap://10.3.0.1/ binddn="cn=config"
80  bindmethod=simple credentials=lliurex123
81  searchbase="cn=config" type=refreshAndPersist
82  retry="5 5 300 5" timeout=1 schemachecking=off
83  tls_reqcert=never
84-
85add: olcMirrorMode
86olcMirrorMode: TRUE
87EOF
88
89
90***************************************
91Apagar Slav
92***************************************
93
94######################################
95      Otro cliente
96######################################
97
98cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
99dn: cn=config
100changetype: modify
101add: olcServerID
102olcServerID: 2
103EOF
104
105cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
106dn: cn=module{0},cn=config
107changetype: modify
108add: olcModuleLoad
109olcModuleLoad: {1}syncprov.la
110EOF
111
112cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
113dn: olcDatabase={0}config,cn=config
114changetype: modify
115add: olcRootPW
116olcRootPW: lliurex123
117EOF
118
119
120-------------------------------------
121En el server y el nuevo slave
122-------------------------------------
123
124
125cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
126dn: cn=config
127changetype: modify
128replace: olcServerID
129olcServerID: 254 ldap://10.3.0.254/
130olcServerID: 1 ldap://10.3.0.1/
131olcServerID: 2 ldap://10.3.0.2/
132EOF
133
134========================================================
135ESTO EJECUTARLO EN EL SLAVE
136========================================================
137
138cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
139dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config
140changetype: add
141objectClass: olcOverlayConfig
142objectClass: olcSyncProvConfig
143olcOverlay: syncprov
144EOF
145
146cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
147dn: olcDatabase={0}config,cn=config
148changetype: modify
149replace: olcSyncRepl
150olcSyncRepl: rid=254 provider=ldap://10.3.0.254/ binddn="cn=config"
151  bindmethod=simple credentials=lliurex123
152  searchbase="cn=config" type=refreshAndPersist
153  retry="5 5 300 5" timeout=1 schemachecking=off
154  tls_reqcert=never
155olcSyncRepl: rid=001 provider=ldap://10.3.0.1/ binddn="cn=config"
156  bindmethod=simple credentials=lliurex123
157  searchbase="cn=config" type=refreshAndPersist
158  retry="5 5 300 5" timeout=1 schemachecking=off
159  tls_reqcert=never
160olcSyncRepl: rid=002 provider=ldap://10.3.0.2/ binddn="cn=config"
161  bindmethod=simple credentials=lliurex123
162  searchbase="cn=config" type=refreshAndPersist
163  retry="5 5 300 5" timeout=1 schemachecking=off
164  tls_reqcert=never
165-
166add: olcMirrorMode
167olcMirrorMode: TRUE
168EOF
169========================================================
170END ESTO SOLO EJECUTARLO EN EL SLAVE
171========================================================
172
173========================================================
174ESTO EJECUTARLO EN EL MASTER
175========================================================
176
177
178cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
179dn: olcDatabase={0}config,cn=config
180changetype: modify
181replace: olcSyncRepl
182olcSyncRepl: rid=254 provider=ldap://10.3.0.254/ binddn="cn=config"
183  bindmethod=simple credentials=lliurex123
184  searchbase="cn=config" type=refreshAndPersist
185  retry="5 5 300 5" timeout=1 schemachecking=off
186  tls_reqcert=never
187olcSyncRepl: rid=001 provider=ldap://10.3.0.1/ binddn="cn=config"
188  bindmethod=simple credentials=lliurex123
189  searchbase="cn=config" type=refreshAndPersist
190  retry="5 5 300 5" timeout=1 schemachecking=off
191  tls_reqcert=never
192olcSyncRepl: rid=002 provider=ldap://10.3.0.2/ binddn="cn=config"
193  bindmethod=simple credentials=lliurex123
194  searchbase="cn=config" type=refreshAndPersist
195  retry="5 5 300 5" timeout=1 schemachecking=off
196  tls_reqcert=never
197EOF
198
199========================================================
200END ESTO EJECUTARLO EN EL MASTER
201========================================================
202
203
204###
205        TESTS
206###
207
208
209cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
210dn: cn=config
211changetype: modify
212replace: olcLogLevel
213olcLogLevel: 16384
214EOF
215
216
217cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
218dn: olcDatabase={1}hdb,cn=config
219changetype: modify
220replace: olcRootDN
221olcRootDN: cn=admin,dc=lliurex
222EOF
223
224cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
225dn: olcDatabase={1}hdb,cn=config
226changetype: modify
227delete: olcRootDN
228-
229add: olcRootDN
230olcRootDN: cn=admin,dc=lliurex,dc=net
231EOF
232
233
234cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
235dn: cn=config
236changetype: modify
237delete: olcLogLevel
238EOF
239
240cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
241dn: cn=config
242changetype: modify
243replace: olcLogLevel
244olcLogLevel: 12355
245EOF
246
247
248ldapsearch -Y EXTERNAL -H ldapi:// -b cn=config | less
249
250ldapsearch -x -LLL -H ldapi:// -s base -b 'cn=config' contextCSN
251###
252
253ldapsearch -Y EXTERNAL -LLL -H ldapi:// -s base -b 'cn=config' contextCSN
254
255
256iptables -A INPUT -p tcp --dport 389 -s 127.0.0.1 -j ACCEPT
257iptables -A INPUT -p tcp --dport 389 -s 10.3.0.1 -j ACCEPT
258iptables -A INPUT -p tcp --dport 636 -s 127.0.0.1 -j ACCEPT
259iptables -A INPUT -p tcp --dport 636 -s 10.3.0.1 -j ACCEPT
260iptables -A INPUT -p tcp --dport 636 -j DROP
261iptables -A INPUT -p tcp --dport 389 -j DROP
262
263
264
265==============================================
266Replicacion de datos
267==============================================
268
269
270cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
271dn: olcDatabase={1}hdb,cn=config
272changetype: modify
273add: olcLimits
274olcLimits: dn.exact="cn=admin,dc=ma5,dc=lliurex,dc=net" time.soft=unlimited
275  time.hard=unlimited size.soft=unlimited size.hard=unlimited
276-
277add: olcSyncRepl
278olcSyncRepl: rid=001 provider=ldap://10.3.0.254/ binddn="cn=admin,dc=ma5,dc=lliurex,dc=net"
279  bindmethod=simple credentials=lliurex searchbase="dc=ma5,dc=lliurex,dc=net"
280  type=refreshOnly interval=00:00:00:10 retry="5 5 300 5" timeout=1 schemachecking=off
281  tls_reqcert=never
282olcSyncRepl: rid=002 provider=ldap://10.3.0.1/ binddn="cn=admin,dc=ma5,dc=lliurex,dc=net"
283  bindmethod=simple credentials=lliurex searchbase="dc=ma5,dc=lliurex,dc=net"
284  type=refreshOnly interval=00:00:00:10 retry="5 5 300 5" timeout=1 schemachecking=off
285  tls_reqcert=never
286-
287add: olcDbIndex
288olcDbIndex: entryUUID  eq
289-
290add: olcDbIndex
291olcDbIndex: entryCSN  eq
292-
293add: olcMirrorMode
294olcMirrorMode: TRUE
295EOF
296
297cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
298dn: olcOverlay=syncprov,olcDatabase={1}hdb,cn=config
299changetype: add
300objectClass: olcOverlayConfig
301objectClass: olcSyncProvConfig
302olcOverlay: syncprov
303EOF
304
305
Note: See TracBrowser for help on using the repository browser.