Running an LDAP server locally.

Under SL6, all DICE machines ran their own LDAP servers, synchronising from the master using our own slaprepl technology.

For SL7 we have switched to a more traditional client/server model. See the OpenLDAP: DICE client configuration project. During that project we identified a requirement (see 2.2) for it to still be possible for a machine to run its own LDAP server.

This functionality has been implemented via the <dice/options/openldap-run-and-use-local-server.h> header.

Once applied, a machine using this header will run its own LDAP server, replicating from the master using syncrepl (OpenLDAP's own replication technology). The header configures sssd to use the local server and does not use TLS.

Recommended use of this header:

  1. om openldap stop
  2. include header
  3. om updaterpms run
  4. om openldap start
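
Because the header leaves TLS off, the sssd LDAP connection is only protected while it stays on the machine. The following check is an added example, not part of the original page or of the DICE header: it flags any sssd LDAP URI that would carry cleartext traffic off the host. The sample configuration is constructed (the file the header actually generates is not shown on this page), and `localhost` is assumed to resolve to a loopback address.

```python
import configparser
import ipaddress
from urllib.parse import urlsplit

# Constructed sample, NOT the sssd.conf that the DICE header generates.
SAMPLE_LOCAL = """
[domain/default]
id_provider = ldap
ldap_uri = ldap://localhost
ldap_id_use_start_tls = false
"""
# Constructed counter-example: same cleartext settings, remote server.
SAMPLE_REMOTE = SAMPLE_LOCAL.replace("localhost", "ldap.example.org")


def is_loopback(host):
    """True for loopback IPs; 'localhost' is assumed to resolve to loopback."""
    if not host:
        return False
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:          # any other DNS name: treat as off-host
        return False


def cleartext_offhost_uris(conf_text):
    """Return (section, uri) pairs whose LDAP traffic leaves the host unencrypted."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(conf_text)
    findings = []
    for section in cp.sections():
        if not section.startswith("domain/"):
            continue
        dom = cp[section]
        starttls = dom.getboolean("ldap_id_use_start_tls", fallback=False)
        uris = dom.get("ldap_uri", "") + "," + dom.get("ldap_backup_uri", "")
        for uri in filter(None, (u.strip() for u in uris.split(","))):
            parts = urlsplit(uri)
            scheme = parts.scheme.lower()
            if scheme in ("ldaps", "ldapi"):      # TLS, or a Unix socket
                continue
            if scheme == "ldap" and (starttls or is_loopback(parts.hostname)):
                continue
            findings.append((section, uri))
    return findings
```

To audit a real machine, pass the contents of `/etc/sssd/sssd.conf` to `cleartext_offhost_uris()`; an empty list means every cleartext URI points at the local server.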

-- TobyBlake - 10 May 2017

Topic revision: r1 - 10 May 2017 - 13:08:53 - TobyBlake
 