In this configuration, you run a {{slapd}}(8) instance which provides
directory service for your local domain and configure it to return
-referrals to a {{superior}} service capable of handling requests
-outside your local domain. You may run this service yourself or
-use one provided to you. This configuration is shown in Figure
-3.2.
+referrals to other servers capable of handling requests. You may
+run this service (or services) yourself or use one provided to you.
+This configuration is shown in Figure 3.2.
!import "config_ref.gif"; align="center"; title="Local service with referrals"
FT[align="Center"] Figure 3.2: Local service with referrals
-Use this configuration if you want to provide local service and
-participate in the Global Directory.
+Use this configuration if you want to provide local service and
+participate in the Global Directory, or you want to delegate
+responsibility for {{subordinate}} entries to another server.
H2: Replicated Directory Service
-The {{slurpd}}(8) daemon is used to propagate changes from a master
-{{slapd}}(8) instance to one or more slave {{slapd}}(8) instances.
-An example master-slave configuration is shown in figure 3.3.
+slapd(8) includes support for {{LDAP Sync}}-based replication, called
+{{syncrepl}}, which may be used to maintain shadow copies of directory
+information on multiple directory servers. In its most basic
+configuration, the {{master}} is a syncrepl provider and one or more
+{{slave}} (or {{shadow}}) are syncrepl consumers. An example
+master-slave configuration is shown in figure 3.3.
!import "config_repl.gif"; align="center"; title="Replicated Directory Services"
FT[align="Center"] Figure 3.3: Replicated Directory Services
-This configuration can be used in conjunction with either of the first
-two configurations in situations where a single {{slapd}}(8) instance
-does not provide the required reliability or availability.
+This configuration can be used in conjunction with either of the
+first two configurations in situations where a single {{slapd}}(8)
+instance does not provide the required reliability or availability.
H2: Distributed Local Directory Service
H1: Building and Installing OpenLDAP Software
This chapter details how to build and install the {{PRD:OpenLDAP}}
-Software package including {{slapd}}(8), the stand-alone LDAP daemon
-and {{slurpd}}(8), the stand-alone update replication daemon.
-Building and installing OpenLDAP Software requires several steps:
-installing prerequisite software, configuring OpenLDAP Software
-itself, making, and finally installing. The following sections
-describe this process in detail.
+Software package including {{slapd}}(8), the stand-alone {{TERM:LDAP}}
+daemon. Building and installing OpenLDAP Software requires several
+steps: installing prerequisite software, configuring OpenLDAP
+Software itself, making, and finally installing. The following
+sections describe this process in detail.
H2: Obtaining and Extracting the Software
> make
You should examine the output of this command carefully to make sure
-everything is built correctly. Note that this command builds the LDAP
-libraries and associated clients as well as {{slapd}}(8) and {{slurpd}}(8).
+everything is built correctly. Note that this command builds the LDAP
+libraries and associated clients as well as {{slapd}}(8).
H2: Testing the Software
This document describes how to build, configure, and operate
{{PRD:OpenLDAP}} Software to provide directory services. This
includes details on how to configure and run the stand-alone
-{{TERM:LDAP}} daemon, {{slapd}}(8) and the stand-alone LDAP update
-replication daemon, {{slurpd}}(8). It is intended for new and
+{{TERM:LDAP}} daemon, {{slapd}}(8). It is intended for new and
experienced administrators alike. This section provides a basic
introduction to directory services and, in particular, the directory
services provided by {{slapd}}(8). This introduction is only
It is possible to replicate data from an LDAP directory server to
a X.500 DAP {{TERM:DSA}}. This requires an LDAP/DAP gateway.
-OpenLDAP does not provide such a gateway, but our replication daemon
-can be used to replicate to such a gateway. See the {{SECT:Replication
-with slurpd}} chapter of this document for information regarding
-replication.
+OpenLDAP Software does not include such a gateway.
H2: What is the difference between LDAPv2 and LDAPv3?
copies of directory information. This {{single-master/multiple-slave}}
replication scheme is vital in high-volume environments where a
single {{slapd}} just doesn't provide the necessary availability
-or reliability. {{slapd}} supports two replication methods: {{LDAP
-Sync}}-based and {{slurpd}}(8)-based replication.
+or reliability. {{slapd}} includes support for {{LDAP Sync}}-based
+replication.
{{B:Proxy Cache}}: {{slapd}} can be configured as a caching
LDAP proxy service.
everything you'd ever want to change. Configuration options have
reasonable defaults, making your job much easier.
-
-H2: What is slurpd and what can it do?
-
-{{slurpd}}(8) is a daemon that, with {{slapd}}(8) help, provides
-replicated service. It is responsible for distributing changes
-made to the master {{slapd}} database out to the various {{slapd}}
-replicas. It frees {{slapd}} from having to worry that some replicas
-might be down or unreachable when a change comes through; {{slurpd}}
-handles retrying failed requests automatically. {{slapd}} and
-{{slurpd}} communicate through a simple text file that is used to
-log changes.
-
-See the {{SECT:Replication with slurpd}} chapter for information
-about how to configure and run {{slurpd}}(8).
-
-Alternatively, {{LDAP-Sync}}-based replication may be used to provide
-a replicated service. See the {{SECT:LDAP Sync Replication}} chapter
-for details.
-
{{TERM:DIT}}. Replica (or shadow) servers hold shadow copies of
entries held by one or more master servers. Changes are propagated
from the master server to replica (slave) servers using LDAP Sync
-or {{slurpd}}(8). An LDAP cache is a special type of replica which
-holds entries corresponding to search filters instead of subtrees.
+replication. An LDAP cache is a special type of replica which holds
+entries corresponding to search filters instead of subtrees.
H2: Overview
# COPYING RESTRICTIONS APPLY, see COPYRIGHT.
H1: Replication with slurpd
+Note: this section is provided for historical reasons. {{slurpd}}(8)
+is deprecated in favor of LDAP Sync based replication, commonly
+referred to as {{syncrepl}}. Syncrepl is discussed in
+{{SECT:LDAP Sync Replication}} section of this document.
+
In certain configurations, a single {{slapd}}(8) instance may be
insufficient to handle the number of clients requiring
directory service via LDAP. It may become necessary to
{{slapd.conf}}(5) file, normally installed in the
{{EX:/usr/local/etc/openldap}} directory.
-An alternate configuration file can be specified via a
-command-line option to {{slapd}}(8) or {{slurpd}}(8). This chapter
-describes the general format of the config file, followed by a
-detailed description of commonly used config file directives.
+An alternate configuration file location can be specified via a command-line
+option to {{slapd}}(8). This chapter describes the general format
+of the {{slapd.conf}}(5) configuration file, followed by a detailed
+description of commonly used config file directives.
H2: Configuration File Format
See the chapter entitled {{SECT:Replication with slurpd}} for more
information on how to use this directive.
-
H4: replogfile <filename>
This directive specifies the name of the replication log file to
H4: updatedn <DN>
-This directive is only applicable in a slave slapd. It specifies
-the DN allowed to make changes to the replica. This may be the DN
+This directive is only applicable in a {{slave}} (or {{shadow}})
+{{slapd(8)}} instance. It specifies the DN allowed to make changes to
+the replica. This may be the DN
{{slurpd}}(8) binds as when making changes to the replica or the DN
associated with a SASL identity.
+
Entry-based Example:
> updatedn "cn=Update Daemon,dc=example,dc=com"
H4: updateref <URL>
-This directive is only applicable in a slave slapd. It
+This directive is only applicable in a {{slave}} (or {{shadow}})
+{{slapd}}(8) instance. It
specifies the URL to return to clients which submit update
requests upon the replica.
If specified multiple times, each {{TERM:URL}} is provided.
projects / thirdparty / openldap.git / commitdiff
