directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <>
Subject [Replication] configuration
Date Sat, 06 Jun 2009 22:29:29 GMT

now that the entryCSN and entryUUID schema elements and index has been 
added in the server, I would like to extend the configuration to be able 
to inject the consumer part of the syncrepl protocol we have in a branch 

Here are the minimal configuration elements we have to add :
- replica ID : the server ID. It's a DirectoryService parameter.
- providers : a LdapURL. It's used to define the server we will be 
connected to plus the search parameters. We may have more than one provider.
- type : refreshOnly or refreshAndPersist
- bindDn : the DN to use to do the search
- bindMethod : the bind method (simple or sasl)
- credentials : the credentials used to authentify the user
- saslMechanism : the list of SASL mechanism to use (if a SASL boind is 

Atm, I didn't add the TLS parameters. It would be interesting to avoid 
adding a password in the configuration file, to use a certificate instead.

This should be enough to implement the replication configuration, not 
only for the consumer part of the protocol.

FYI, I think that using a LDAPURL instead of many parameters (baseDN, 
filter, scope, attrs) is probably better. We could also inject some of 
the other potential parameters (sizeLimit, timeLimit) as extensions in 
the LdapUrl.

I will try to come with a configuration sample very soon.

thoughts ?

PS : I haven't implemented anything atm.

cordialement, regards,
Emmanuel L├ęcharny

View raw message