LDAP 用户管理与 RSCT配置第二步

论坛元老

Rank: 8 Rank: 8

UID: 1066743

1^#

打印

字体大小: tT

look_w发表于 2018-1-10 22:27 | 只看该作者

LDAP 用户管理与 RSCT配置第二步

配置复制规则
以下程序配置 inst1 和 inst2 之间的复制规则。该脚本应同时在两个实例主机上运行。参数（如 <serverId-inst2>）必须在基础实例配置中查询。确保正确映射实例和服务器 ID (serverID)。您可以使用以下命令获取服务器 ID：

1	$ITDS/bin/ldapsearch -h host1 -p 20389 -s base objectclass=* ibm-serverId

从 host1 上的 inst1 实例获取服务器 ID。

1	$ITDS/bin/ldapsearch -h host2 -p 20389 -s base objectclass=* ibm-serverId

从 host2 上的 inst2 实例获取服务器 ID。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70

#!/usr/bin/perl

$ldif = "$SOURCE/logs/Replication_Agreement.ldif";
open(LDIF,"> $ldif");

print(LDIF "dn: ibm-replicaGroup=default,$SUFFIX\n");
print(LDIF "objectclass: top\n");
print(LDIF "objectclass: ibm-replicaGroup\n");
print(LDIF "ibm-replicaGroup: default\n");
print(LDIF "\n");
print(LDIF "dn: cn=ReplicaBindCredentials,cn=replication,cn=IBMpolicies\n");
print(LDIF "objectclass: ibm-replicationCredentialsSimple\n");
print(LDIF "cn: ReplicaBindCredentials\n");
print(LDIF "replicaBindDN: cn=masterdn\n");
print(LDIF "replicaCredentials: masterdnpwd\n");
print(LDIF "description: Bind Credentials on peer to bind to each other.\n");
print(LDIF "\n");
print(LDIF "dn: ibm-replicaServerId=<serverId-inst2>,ibm-replicaGroup=default,$SUFFIX\n");
print(LDIF "objectclass: top\n");
print(LDIF "objectclass: ibm-replicaSubentry\n");
print(LDIF "ibm-replicaServerId: <serverId-inst2>\n");
print(LDIF "ibm-replicationServerIsMaster: true\n");
print(LDIF "cn: inst2\n");
print(LDIF "description: inst2 ibm-replicaSubentry\n");
print(LDIF "\n");
print(LDIF "dn: ibm-replicaServerId=<serverId-inst1>,ibm-replicaGroup=default,$SUFFIX\n");
print(LDIF "objectclass: top\n");
print(LDIF "objectclass: ibm-replicaSubentry\n");
print(LDIF "ibm-replicaServerId: <serverId-inst1>\n");
print(LDIF "ibm-replicationServerIsMaster: true\n");
print(LDIF "cn: inst1\n");
print(LDIF "description: inst1 ibm-replicaSubentry\n");
print(LDIF "\n");
print(LDIF "dn: cn=inst2,ibm-replicaServerId=<serverId-inst1>,
ibm-replicaGroup=default,$SUFFIX\n");
print(LDIF "objectclass: top\n");
print(LDIF "objectclass: ibm-replicationAgreement\n");
print(LDIF "cn: inst2\n");
print(LDIF "ibm-replicaConsumerId: <serverId-inst2>\n");
print(LDIF "ibm-replicaUrl: ldap://host2:20389\n");
print(LDIF "ibm-replicaCredentialsDN: cn=ReplicaBindCredentials,
cn=replication,cn=IBMpolicies\n");
print(LDIF "description: inst1 to inst2 agreement\n");
print(LDIF "\n");
print(LDIF "dn: cn=inst1,ibm-replicaServerId=<serverId-inst2>,
ibm-replicaGroup=default,$SUFFIX\n");
print(LDIF "objectclass: top\n");
print(LDIF "objectclass: ibm-replicationAgreement\n");
print(LDIF "cn: inst1\n");
print(LDIF "ibm-replicaConsumerId: <serverId-inst1>\n");
print(LDIF "ibm-replicaUrl: ldap://host1:20389\n");
print(LDIF "ibm-replicaCredentialsDN: cn=ReplicaBindCredentials,
cn=replication,cn=IBMpolicies\n");
print(LDIF "description: inst2 to inst1 agreement\n");
print(LDIF "\n");
close(LDIF);

$cmd = "$ITDS/sbin/idsslapd -I inst1 -k"; # stop LDAP
print("Executing $cmd ...\n");
system("$cmd"); # stop LDAP

print("Loading Replication agreement $ldif …\n")
$cmd = "$ITDS/sbin/idsldif2db -r no -i $ldif -I inst1";
print("Executing $cmd ...\n");
system($cmd);

print("Starting LDAP server ...\n");
$cmd = "$ITDS/sbin/idsslapd -I inst1"; # start LDAP
print("Executing $cmd ...\n");
system("$cmd"); # start LDAP

在 host2 上执行同一序列，

1
2
3
4
5
6
7
8
9
10
11
12
13

$cmd = "$ITDS/sbin/idsslapd -I inst2 -k"; # stop LDAP
print("Executing $cmd ...\n");
system("$cmd"); # stop LDAP

print("Loading Replication agreement $ldif …\n")
$cmd = "$ITDS/sbin/idsldif2db -r no -i $ldif -I inst2";
print("Executing $cmd ...\n");
system($cmd);

print("Starting LDAP server ...\n");
$cmd = "$ITDS/sbin/idsslapd -I inst2"; # start LDAP
print("Executing $cmd ...\n");
system("$cmd"); # start LDAP

收藏分享评分

回复引用

订阅 TOP

返回列表