Replicate Multiple LDAP Accounts



Replicate multiple LDAP accounts to one or many databases.

CData Sync for LDAP is a stand-alone application that provides solutions for a variety of replication scenarios such as replicating sandbox and production instances into your database. Both Sync for Windows and Sync for Java include a command-line interface (CLI) that makes it easy to manage multiple LDAP connections. In this article we show how to use the CLI to replicate multiple LDAP accounts.

Configure LDAP Connections

You can save connection and email notification settings in an XML configuration file. To replicate multiple LDAP accounts, use multiple configuration files. Below is an example configuration to replicate LDAP to SQLite:

Windows

<?xml version="1.0" encoding="UTF-8" ?>
<CDataSync>
  <DatabaseType>SQLite</DatabaseType>
  <DatabaseProvider>System.Data.SQLite</DatabaseProvider>
  <ConnectionString>User=Domain\BobF;Password=bob123456;Server=10.0.1.1;Port=389;</ConnectionString>
  <ReplicateAll>False</ReplicateAll>
  <NotificationUserName></NotificationUserName>
  <DatabaseConnectionString>Data Source=C:\my.db</DatabaseConnectionString>
  <TaskSchedulerStartTime>09:51</TaskSchedulerStartTime>
  <TaskSchedulerInterval>Never</TaskSchedulerInterval>
</CDataSync>

Java

<?xml version="1.0" encoding="UTF-8" ?>
<CDataSync>
  <DatabaseType>SQLite</DatabaseType>
  <DatabaseProvider>org.sqlite.JDBC</DatabaseProvider>
  <ConnectionString>User=Domain\BobF;Password=bob123456;Server=10.0.1.1;Port=389;</ConnectionString>
  <ReplicateAll>False</ReplicateAll>
  <NotificationUserName></NotificationUserName>
  <DatabaseConnectionString>Data Source=C:\my.db</DatabaseConnectionString>
</CDataSync>

To establish a connection, the following properties under the Authentication section must be provided:

  • Valid User and Password credentials (e.g., Domain\BobF or cn=Bob F,ou=Employees,dc=Domain).
  • Server information, including the IP or host name of the Server, as well as the Port.
  • BaseDN: This limits the scope of LDAP searches to the subtree beneath the distinguished name provided.

    Note: Specifying a narrow BaseDN may greatly increase performance; for example, cn=users,dc=domain will only return results contained within cn=users and its children.

Configure Queries for Each LDAP Instance

Sync enables you to control replication with standard SQL. The REPLICATE statement is a high-level command that caches and maintains a table in your database. You can define any SELECT query supported by the LDAP API. The statement below caches and incrementally updates a table of LDAP objects:

REPLICATE User;

You can specify a file containing the replication queries you want to use to update a particular database. Separate replication statements with semicolons. The following options are useful if you are replicating multiple LDAP accounts into the same database:

You can use a different table prefix in the REPLICATE SELECT statement:

REPLICATE PROD_User SELECT * FROM User

Alternatively, you can use a different schema:

REPLICATE PROD.User SELECT * FROM User
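
The collision that these two options avoid can be checked before a run. The following is an added example, not part of CData Sync or the original article: it reads each account's configuration and query file, reports destination tables that two accounts would both write to in the same database, and flags a configuration that has no BaseDN or carries a cleartext password. It assumes the destination table is the first name after REPLICATE, as in the statements above; the function names and sample inputs are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET
from collections import defaultdict

def parse_config(xml_text):
    """Return (connection properties, target database) from a Sync config file."""
    root = ET.fromstring(xml_text.strip())
    conn = root.findtext("ConnectionString", default="")
    props = {k.strip().lower(): v for k, v in
             (p.split("=", 1) for p in conn.split(";") if "=" in p)}
    return props, root.findtext("DatabaseConnectionString", default="").strip()

def replicate_targets(sql_text):
    """Destination table named by each semicolon-separated REPLICATE statement."""
    matches = (re.match(r"\s*REPLICATE\s+([\w.]+)", s, re.IGNORECASE)
               for s in sql_text.split(";"))
    return [m.group(1).lower() for m in matches if m]

def find_collisions(jobs):
    """jobs: {name: (config_xml, query_sql)} -> {(database, table): [names]}."""
    owners = defaultdict(list)
    for name, (xml_text, sql_text) in jobs.items():
        _, database = parse_config(xml_text)
        for table in replicate_targets(sql_text):
            owners[(database.lower(), table)].append(name)
    return {key: names for key, names in owners.items() if len(names) > 1}

def config_findings(xml_text):
    """Review points for one config: missing BaseDN, cleartext password."""
    props, _ = parse_config(xml_text)
    notes = []
    if "basedn" not in props:
        notes.append("no BaseDN set")
    if props.get("password"):
        notes.append("password stored in cleartext")
    return notes

# Constructed sample inputs: two accounts writing to the same SQLite file.
CONFIG = r"""<CDataSync>
  <ConnectionString>User=Domain\SVC;Password=PLACEHOLDER;Server={server};Port=389;</ConnectionString>
  <DatabaseConnectionString>Data Source=C:\my.db</DatabaseConnectionString>
</CDataSync>"""
PROD_XML = CONFIG.format(server="10.0.1.1")
SANDBOX_XML = CONFIG.format(server="10.0.1.2")

if __name__ == "__main__":
    clash = {"prod": (PROD_XML, "REPLICATE User;"),
             "sandbox": (SANDBOX_XML, "REPLICATE User;")}
    print(find_collisions(clash))      # both accounts target table "user"
    print(config_findings(PROD_XML))
```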

Run Sync

After you have configured the connection strings and replication queries, you can run Sync with the following command-line options:

Windows

LDAPSync.exe -g MyProductionLDAPConfig.xml -f MyProductionLDAPSync.sql

Java

java -Xbootclasspath/p:c:\sqlitejdbc.jar -jar LDAPSync.jar -g MyProductionLDAPConfig.xml -f MyProductionLDAPSync.sql
