OpenLDAP replication setup and useful LDAP commands

OpenLDAP is a popular open-source directory service. This tutorial sets up OpenLDAP's replication feature with two servers: sandbox1 as the master and sandbox2 as the slave.


On the master (sandbox1), edit /etc/openldap/slapd.conf

suffix          ",o=asp"
rootdn          ",o=asp"
rootpw          secret
loglevel        4095

Replica host=sandbox2:389
        bindmethod=simple credentials=secret

replogfile      /var/log/replogfile
On the slave (sandbox2), edit /etc/openldap/slapd.conf
suffix          ",o=asp"
rootdn          ",o=asp"
rootpw          secret
updateref   ldap://sandbox1
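As an added check that is not part of the tutorial, the POSIX shell script below audits a master/slave slapd.conf pair of the kind shown above: it flags a cleartext rootpw (slapd.conf accepts a hash produced by slappasswd), loglevel 4095 (which logs everything), a file that group or other can read, and missing replication directives. The sample files it writes are constructed from the settings above; the DN cn=Manager,o=asp, the binddn line and the {SSHA} hash are assumptions, and updatedn is a slurpd slave directive the tutorial does not show.

```shell
#!/bin/sh
# Added example (not from the tutorial): audit a slurpd-style master/slave
# slapd.conf pair. Findings go to stderr; the number of findings is printed.

audit_slapd_conf() {   # usage: audit_slapd_conf master|slave /path/to/slapd.conf
  role=$1 conf=$2 n=0
  note() { echo "$conf: $1" >&2; n=$((n + 1)); }

  # rootpw: a value not starting with "{" (e.g. {SSHA}...) is a cleartext password
  pw=$(awk 'tolower($1)=="rootpw" {print $2}' "$conf")
  case "$pw" in
    '' | '{'*) ;;
    *) note "rootpw is stored in cleartext; hash it with slappasswd" ;;
  esac

  # loglevel 4095 (or -1) logs everything and is a debugging setting
  lvl=$(awk 'tolower($1)=="loglevel" {print $2}' "$conf")
  case "$lvl" in
    4095 | -1) note "loglevel $lvl logs everything; lower it once replication works" ;;
  esac

  # the file holds secrets, so group and other must have no access bits
  perm=$(ls -ld "$conf" | cut -c5-10)
  [ "$perm" = "------" ] || note "group/other can access the file ($perm); chmod 600"

  case "$role" in
    master)
      grep -qiE '^[[:space:]]*replica[[:space:]]' "$conf"    || note "no replica directive"
      grep -qiE '^[[:space:]]*replogfile[[:space:]]' "$conf" || note "no replogfile directive"
      if grep -qi 'credentials=' "$conf"; then
        note "replica bind credentials are embedded; keep this file unreadable to others"
      fi ;;
    slave)
      grep -qiE '^[[:space:]]*updateref[[:space:]]' "$conf" || note "no updateref (writes are not referred to the master)"
      grep -qiE '^[[:space:]]*updatedn[[:space:]]' "$conf"  || note "no updatedn (slurpd needs it on the slave)"
      ;;
  esac
  echo "$n"
}

write_sample_confs() {   # constructed slapd.conf fragments, written into directory $1
  cat >"$1/master.conf" <<'EOF'
# master (sandbox1), constructed from the tutorial's settings; binddn is assumed
suffix          "o=asp"
rootdn          "cn=Manager,o=asp"
rootpw          secret
loglevel        4095
replica host=sandbox2:389
        binddn="cn=Manager,o=asp"
        bindmethod=simple credentials=secret
replogfile      /var/log/replogfile
EOF
  chmod 600 "$1/master.conf"

  cat >"$1/slave.conf" <<'EOF'
# slave (sandbox2), constructed from the tutorial's settings
suffix          "o=asp"
rootdn          "cn=Manager,o=asp"
rootpw          secret
updateref       ldap://sandbox1
EOF
  chmod 644 "$1/slave.conf"

  cat >"$1/slave-hardened.conf" <<'EOF'
# slave (sandbox2) with a hashed rootpw (placeholder value) and updatedn added
suffix          "o=asp"
rootdn          "cn=Manager,o=asp"
rootpw          {SSHA}PLACEHOLDER_HASH_FROM_SLAPPASSWD
updatedn        "cn=Manager,o=asp"
updateref       ldap://sandbox1
EOF
  chmod 600 "$1/slave-hardened.conf"
}

# stand-alone run: audit the three constructed files
d=$(mktemp -d)
write_sample_confs "$d"
for f in master:master.conf slave:slave.conf slave:slave-hardened.conf; do
  echo "${f%%:*} ${f#*:}: $(audit_slapd_conf "${f%%:*}" "$d/${f#*:}") finding(s)"
done
rm -rf "$d"
```

Run it against the real files with audit_slapd_conf master /etc/openldap/slapd.conf on sandbox1 and audit_slapd_conf slave /etc/openldap/slapd.conf on sandbox2; the credentials finding on the master cannot be removed with a simple bind, so the file mode is the control that matters there.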
Start the ldap service and check the directory tree:
ldapsearch -x -b ",o=asp" "(objectclass=*)"
You may import a backup LDIF file:
ldapadd -D ",o=asp" -W -x -f backup.ldif

Replication steps

At sandbox1 (the master)
service ldap stop
cd /root/ldap
slapcat -b ",o=asp" -l
Transfer the dump to sandbox2:
scp root@sandbox2:ldap/
Import it at sandbox2:
ldapadd -D ",o=asp" -W -x -f
Start the ldap service at both nodes
service ldap start <- Slave
service ldap start <- Master
Add a new user at the master
ldapadd -D ",o=asp" -W -x -f newuser.ldif
It should be searchable at both master and slave:
ldapsearch -x -b ",o=asp" "("
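Searching for one entry on each node shows that a single change arrived; a stronger check is to compare a full slapcat dump from the master with one from the slave. The POSIX shell script below is an added example, not part of the tutorial: it folds LDIF continuation lines, drops comments and server-maintained operational attributes (modifyTimestamp, entryCSN and so on, which legitimately differ between nodes), sorts the remaining dn/attribute pairs and diffs the two normalised dumps. The LDIF it writes is constructed sample data under the assumed DNs o=asp and ou=people,o=asp.

```shell
#!/bin/sh
# Added example (not from the tutorial): compare slapcat dumps from master and
# slave to confirm the replica holds the same entries, ignoring entry order and
# operational attributes.

# Fold LDIF continuation lines (a leading space continues the previous line),
# drop comments, blank lines and operational attributes, then emit sorted
# "dn<TAB>attribute" lines so entry order does not matter.
normalize_ldif() {
  sed -e :a -e '$!N;s/\n //;ta' -e 'P;D' "$1" |
  awk '
    /^#/ || /^$/ { next }
    /^dn:/ { dn = $0; print dn "\t-"; next }
    /^(modifiersName|modifyTimestamp|creatorsName|createTimestamp|entryCSN|entryUUID|contextCSN|structuralObjectClass|entryDN|subschemaSubentry):/ { next }
    { print dn "\t" $0 }
  ' | sort
}

# Returns 0 when both dumps describe the same directory content, 1 otherwise;
# the differences are printed as a unified diff (master on the left).
replica_in_sync() {
  a=$(mktemp) b=$(mktemp)
  normalize_ldif "$1" >"$a"
  normalize_ldif "$2" >"$b"
  if diff -u "$a" "$b"; then rc=0; else rc=1; fi
  rm -f "$a" "$b"
  return $rc
}

write_sample_dumps() {   # constructed slapcat output, written into directory $1
  cat >"$1/master.ldif" <<'EOF'
dn: o=asp
objectClass: organization
o: asp
modifiersName: cn=Manager,o=asp
modifyTimestamp: 20090101000000Z

dn: ou=people,o=asp
objectClass: organizationalUnit
ou: people

dn: uid=newuser,ou=people,o=asp
objectClass: inetOrgPerson
uid: newuser
cn: New User
sn: User
description: a constructed entry whose description is long eno
 ugh to be folded onto a second line
EOF
  # same content on the slave: different entry order, no operational
  # attributes, description not folded
  cat >"$1/slave_ok.ldif" <<'EOF'
# slapcat output from the slave (constructed)
dn: ou=people,o=asp
objectClass: organizationalUnit
ou: people

dn: uid=newuser,ou=people,o=asp
objectClass: inetOrgPerson
uid: newuser
cn: New User
sn: User
description: a constructed entry whose description is long enough to be folded onto a second line

dn: o=asp
objectClass: organization
o: asp
EOF
  # a stale slave that never received uid=newuser
  sed '/^dn: uid=newuser/,$d' "$1/master.ldif" >"$1/slave_stale.ldif"
}

# stand-alone run over the constructed dumps
d=$(mktemp -d)
write_sample_dumps "$d"
if replica_in_sync "$d/master.ldif" "$d/slave_ok.ldif"; then echo "slave_ok: in sync"; fi
replica_in_sync "$d/master.ldif" "$d/slave_stale.ldif" || echo "slave_stale: out of sync (see diff above)"
rm -rf "$d"
```

On the real nodes, run slapcat -b ",o=asp" -l on each server with slapd stopped (or on a quiet directory), copy the slave's dump next to the master's, and call replica_in_sync master.ldif slave.ldif; any line prefixed with - or + is an entry or attribute the two nodes disagree on.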

Add a new user manually
ldapadd -D "cn=Manager,dc=test,dc=internal" -x -W <- prompts on STDIN for value(s)
Note: If you try to add a duplicate user, the DIT will deny the entry. Supply the LDIF for the user object on STDIN and press CTRL-D when complete.
Delete a user
ldapdelete -D ",o=asp" -W -v ",ou=people,ou=sales,,o=asp" -x

ldapdelete -D "cn=Manager,dc=test,dc=internal" -W -h linux -v "ou=people,dc=test,dc=internal" -x

ldapdelete -D "cn=Manager,dc=test,dc=internal" -W -h linux -v "cn=Linux,ou=sales,dc=test,dc=internal" -x -c -f Delete_Remaining_Items.ldif
Modify entries (with -a, ldapmodify adds the entries listed in the LDIF file)
ldapmodify -D "cn=Manager,dc=test,dc=internal" -x -W -a -v -f Add_3_OUs.ldif
ldapmodify -D "cn=Manager,dc=test,dc=internal" -x -W -a -v -f filename.ldif -h primary_LDAP_server
Rebuild the DIT (-r deletes recursively)
ldapdelete -D "cn=Manager,dc=test,dc=internal" -v -x -r 'ou=people,dc=test,dc=internal' -W
ldapdelete -D "cn=Manager,dc=test,dc=internal" -v -x -r -W -f OUs_to_Delete_Recursively.ldif

ldapadd -D "cn=Manager,dc=test,dc=internal" -v -x -W -f Create_DIT.ldif
Update a password
ldappasswd -D "cn=manager,dc=test,dc=internal" -x -v -W "uid=projuser1,ou=People,dc=test,dc=internal"
ldappasswd -D "cn=manager,dc=test,dc=internal" -v -x -W -s abc123 "uid=projuser1,ou=People,dc=test,dc=internal"
Note: A new password given with -s is visible in the process list and in the shell history; use -S to be prompted for it instead.