HP OSMS Blueprint: Directory Services on HP ProLiant and HP Integrity Servers with RHEL5
Table Of Contents
- HP Open Source Middleware Stacks Blueprint:
- Table of Contents
- Introduction
- Typographic Conventions
- HP Encourages Your Comments
- Overview of HP Directory Services OSMS
- Installing and Configuring Symas CDS and Apache Modules
- Managing the Symas CDS Server
- Performing Backups and Recovery with Berkeley DB
- Configuring the Master-Slave Replication
- Integrating the Apache HTTP Server with the mod_authnz_ldap and mod_ldap Modules
- Setting up Security for the CDS Server
- Monitoring OpenLDAP with the HP OpenView Operations CDS Gallery SPIs
8. To place the data files and log files in a consistent state, run the following command:
# /opt/symas/bin/db_recover –c –h /var/symas/openldap-data/example/
9. Start the CDS server and verify the recover results by entering the following commands:
# /etc/init.d/cdsserver start
# /opt/symas/bin/slapcat
Obtaining Statistics for the Berkeley DB
Use the db_stat utility, contained in the CDS distribution, to obtain statistics and state
information for the Berkeley DB environment. The db_stat utility is located in the
/opt/symas/bin directory.
1. To get the Berkeley database version information, enter the following command:
# /opt/symas/bin/db_stat -V
2. Display the lock region parameter and information for the Berkeley database by entering
the following command:
# /opt/symas/bin/db_stat -C A -h /var/symas/openldap-data/example
3. To display detailed statistical information for a specified file, use the db_stat utility with
the –d option as follows:
# /opt/symas/bin/db_stat -d dn2id.bdb -h \
/var/symas/openldap-data/example
4. To monitor the current transaction's information, use the db_stat utility with the –t option
as follows:
# /opt/symas/bin/db_stat -t -h /var/symas/openldap-data/example
5. To check additional Berkeley DB information, such as environment version, log region, lock
region, and transaction region, enter the following command:
# /opt/symas/bin/db_stat -e -h /var/symas/openldap-data/example
Configuring the Master-Slave Replication
Symas CDS replication is used to address high availability and performance requirements.
Although the CDS server is optimal for handling querying operations, with the help of replication,
the CDS server can also provide performance improvement, reduce query latency by locating
replicas “close” to clients, and assist with lowering the risk of a single point of failure.
In most cases, the optimal, scalable solution is the master-slave replication configuration, in
which one master manages all directory update operations and the slave servers handle all
directory query operations. This configuration is supported natively by OpenLDAP, and therefore,
CDS. Additional slave servers can be added with limited effort after the CDS server is configured
and running.
The CDS server supports two mechanisms for the master-slave replication: first, a typical
implementation by slurpd daemon and second, a new method from OpenLDAP version 2.2
called content-synchronization or “syncrepl”. This document focuses on the new syncrepl method.
For more information about the two replication methods, visit the Web site at:
http://www.openldap.org/faq/data/cache/1170.html
The syncrepl method uses the LDAP content synchronization protocol as the synchronization
protocol to maintain a Directory Information Tree (DIT) fragment copy of the master CDS server.
The syncrepl engine is a slave-side replication engine, which supports both polling and listening
modes of synchronization. If the refreshOnly mode is used, the syncrepl engine is triggered
periodically and checks whether to perform synchronization operations. If the
Configuring the Master-Slave Replication 17