After jumpstarting SITH into another DirectoryServer configuration, I got LDAP set up to mirror between it and ASHTI. It was surprisingly easy.
There’s a new user in the administrators section (same place as the MacOS X config user and the LDAP search user) that is allowed to connect with replication data. Setting up the replication agreements was straightforward (but don’t try to use SSL with our certs — it fails). Replication updates happen right away, and work properly.
Thanks to round robin DNS entries, the load evened out pretty quickly between the two, and now we’re sitting at an average of about .4 to .5 on each. Still a little high for my tastes, but it’s usable. Maybe a new LDAP server pair should be in the future; we’ll see how well this pair does for now.
Posted by Rowan Littell at August 30, 2005 02:12 PM