-# Copyright 1999, The OpenLDAP Foundation, All Rights Reserved.
+# $OpenLDAP$
+# Copyright 1999-2008 The OpenLDAP Foundation, All Rights Reserved.
# COPYING RESTRICTIONS APPLY, see COPYRIGHT.
H1: The Big Picture - Configuration Choices
-This section gives a brief overview of various LDAP directory
-configurations, and how your LDAP server (either {{I:slapd}} or
-{{I:ldapd}}) fits in with the rest of the world.
+This section gives a brief overview of various {{TERM:LDAP}} directory
+configurations, and how your Standalone LDAP Daemon {{slapd}}(8)
+fits in with the rest of the world.
+H2: Local Directory Service
-H2: LDAP as a local service only
+In this configuration, you run a {{slapd}}(8) instance which provides
+directory service for your local domain only. It does not interact
+with other directory servers in any way. This configuration is shown
+in Figure 3.1.
-In this configuration, you run a {{I:slapd}} which provides directory service
-for your local domain only. It does not interact with other directory
-servers in any way. This configuration is shown in Figure 2.
-
-!import "config_local.gif"; align="center"; title="Local service via slapd configuration"
-FT[align="Center"] Figure 2: Local service via slapd configuration.
+!import "config_local.png"; align="center"; title="Local service via slapd(8) configuration"
+FT[align="Center"] Figure 3.1: Local service configuration.
Use this configuration if you are just starting out (it's the one the
quick-start guide makes for you) or if you want to provide a local
It's easy to upgrade to another configuration later if you want.
+H2: Local Directory Service with Referrals
-H2: Local service with X.500 referrals
-
-In this configuration, you run a slapd which provides directory service
-for your local domain and an ldapd which provides access to the
-X.500 world (you don't have to run the ldapd yourself - you can just
-point to somebody else who does and doesn't mind you pointing to
-their service). This configuration is shown in Figure 3.
-
-!import "config_x500ref.gif"; align="center"; title="Local service via slapd + X.500 referrals configuration"
-FT[align="Center"] Figure 3: Local service via slapd + X.500 referrals configuration
-
-Use this configuration if you want to provide local service but still want
-to be connected to the rest of the X.500 world. Remember, you don't
-necessarily have to be running the ldapd in this picture; you just need
-to find one you can point to.
-
-
-
-H2: LDAP as a front end to X.500
+In this configuration, you run a {{slapd}}(8) instance which provides
+directory service for your local domain and configure it to return
+referrals to other servers capable of handling requests. You may
+run this service (or services) yourself or use one provided to you.
+This configuration is shown in Figure 3.2.
-In this configuration, you run an X.500 service which provides
-directory service for your local domain and gatewaying service to the
-rest of the X.500 world. LDAP clients gain access to the directory
-through an ldapd which runs at your site. This configuration is shown
-in Figure 4.
+!import "config_ref.png"; align="center"; title="Local service with referrals"
+FT[align="Center"] Figure 3.2: Local service with referrals
-!import "config_x500fe.gif"; align="center"; title="Local service via X.500 and ldapd configuration"
-FT[align="Center"] Figure 4: Local service via X.500 and ldapd configuration
+Use this configuration if you want to provide local service and
+participate in the Global Directory, or you want to delegate
+responsibility for {{subordinate}} entries to another server.
-Use this configuration if you are already running an X.500 service.
-Slapd is not involved in this configuration, so you can probably stop
-reading this guide.
+H2: Replicated Directory Service
+slapd(8) includes support for {{LDAP Sync}}-based replication, called
+{{syncrepl}}, which may be used to maintain shadow copies of directory
+information on multiple directory servers. In its most basic
+configuration, the {{master}} is a syncrepl provider and one or more
+{{slave}} (or {{shadow}}) are syncrepl consumers. An example
+master-slave configuration is shown in figure 3.3.
-H2: Replicated slapd service
+!import "config_repl.gif"; align="center"; title="Replicated Directory Services"
+FT[align="Center"] Figure 3.3: Replicated Directory Services
-The slurpd daemon is used to propagate changes from a master slapd
-to one or more slave slapds. An example master-slave configuration
-is shown in figure 5.
+This configuration can be used in conjunction with either of the
+first two configurations in situations where a single {{slapd}}(8)
+instance does not provide the required reliability or availability.
-!import "config_repl.gif"; align="center"; title="Master slapd with two slaves replicated with slurpd"
-FT[align="Center"] Figure 5: Master slapd with two slaves replicated with slurpd
+H2: Distributed Local Directory Service
-This configuration can be used in conjunction with the first two
-configurations in situations where a single slapd does not provide the
-required reliability or availability.
+In this configuration, the local service is partitioned into smaller
+services, each of which may be replicated, and {{glued}} together with
+{{superior}} and {{subordinate}} referrals.
+!if 0
+An example of this configuration is shown in Figure 3.4.
+!import "config_dist.gif"; align="center"; title="Distributed Local Directory Services"
+FT[align="Center"] Figure 3.4: Distributed Local Directory Services
+!endif