[CentOS] How to merge many LDAP Servers to the One Server

Fri Apr 22 06:58:30 UTC 2011
sync <jiannma at gmail.com>

On Fri, Apr 22, 2011 at 2:10 PM, Devin Reade <gdr at gno.org> wrote:

> sync <jiannma at gmail.com> wrote:
>
> >  I have many LDAP Servers which are 389 LDAP Server  on different network
> .
> > So I want to merge them to the one server.
> >
> > Could someone can give some suggestions?
>
> Really broad strokes:
>
> This can work if:
>     - All the servers you're trying to merge are using consistent schema.
>       If they're not, it's a lost cause.
>     - The existing servers are serving different parts of
>       the DIT hierarchy, and that there is no overlap.
>

First, thanks for your reply .

Sorry to tell you ,  the existing servers are servers differernt parts of
the  DIT
hierarchy, but there has some account on the differernt ldap servers, but
passwd
is not the same .

There is the first problem




> First of all, I wouldn't go down to a single server.  As a minimum have
> one slave, or doing maintenance on your LDAP server will bring down
> many network services unnecessarily (as would an unplanned outage).
> If you have satellite offices, at least one replica per site (preferably
> two) is good.
>

Yeah, you are right. I  will merge the all LDAP server data to the new LDAP
server
and then setup the  slave server , which can sync the master ldap data




> The easiest way to do it is to prepare your new master, then dump the
> ldif from each of your old masters, then load those into the new master.
> Make sure you have schema checking turned on.  Then configure your
> new replicas to use the new master.  Then cut over your clients.
> Add in suitable testing at all stages.
>
> If you have different administrative requirements for the different part
> of the DIT, configure your ACLs before you import the ldif into the
> new master.
>
> Detailed explanations available at my standard consulting rates ;)
> (Just joking, I don't have the spare cycles right now.)
>
> Devin
> --
> I got food poisoning today. I don't know when I'll use it.
>                                                        - Stephen Wright
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20110422/dcb932ff/attachment-0005.html>