My scenario is that we have a centralized Opendj in cloud and we want to sync(pull) the Directory data from this Opendj to an Openldap instance running in same cloud. I am trying to achieve this by using syncrepl by configuring Openldap slapd.conf file. In the file provider ldap://opendjendpoint.my.org:389 is Opendj
syncrepl rid=1
provider=ldap://opendjendpoint.my.org:389
type=refreshOnly
interval=00:00:05:00"
searchbase="o=my.org,c=us"
filter="(objectClass=*)"
scope=sub
attrs="*,+"
schemachecking=off
bindmethod=simple
binddn="cn=syncuser,o=my.org,c=us"
credentials=somepass
Question is though opendj runs an LDAP server, but using syncrepl in openldap can I connect to it. My thought is that openldap can connect only with RFC4533 implementations(LDAP sync Protocol) and opendj does not implement it. Can somebody provide input on this?
As you've noticed OpenDJ doesn't implement RFC4533 which is an experimental RFC. But when replication is enabled, all changes can be retrieved via LDAP (subject to access controls), from the cn=changelog suffix. Synchronization tools such as LSC Project can consume these changes and replay them against other LDAP servers.