LDAP

From Wikitech
(Difference between revisions)
Jump to: navigation, search
(ldapsync is in /usr/local/bin now)
Line 9: Line 9:
 
* copy zwinger:/etc/ldap.conf to the new machine
 
* copy zwinger:/etc/ldap.conf to the new machine
  
LDAP server is on srv1 (master) and srv2 (slave).  failover should be automatic.  to add new users, add them on srv1, then run /home/wikipedia/bin/ldapsync.  srv2 will update automatically.
+
LDAP server is on srv1 (master) and srv2 (slave).  failover should be automatic.  to add new users, add them on srv1, then run <tt>ldapsync</tt>.  srv2 will update automatically.
  
 
== Overload ==
 
== Overload ==

Revision as of 20:46, 5 August 2008

This page desperately needs to be filled out or brought up to date. If you're familiar with the operations of this part of the site, please help!

FIXME: There's almost no server info here

FIXME: What about client startup when servers are flaky?

Hosts should be to use LDAP for users and some other stuff.

setup LDAP client on new machine

  • run /home/wikipedia/bin/setup-ldap
  • copy zwinger:/etc/ldap.conf to the new machine

LDAP server is on srv1 (master) and srv2 (slave). failover should be automatic. to add new users, add them on srv1, then run ldapsync. srv2 will update automatically.

Overload

If the local caching daemon nscd dies on clients, the server can get badly overloaded and logins can fail.

If necessary restart it sitewide. :P

Server logging

slapd's logging stuff goes to a channel on syslog that's not logged by default. On a new server, you may have to manually edit syslog.conf and add something for local4.*

Then set an appropriate loglevel in /etc/openldap/slapd.conf

Retrieved from "http://wikitech-old.wikimedia.org/index.php?title=LDAP&oldid=15518"
Personal tools
Namespaces

Variants
Actions
Navigation
Ops documentation
Wiki
Toolbox