1. Install both machines with authentication via ldap 2. Create users on one of the machines. I used node 1, power720-2. 3. Modify slapd.conf on node 1 add the entries updatedn "cn=Administrator,dc=hwlab,dc=suse,dc=de" replicationinterval 60 replica host=power720-3.hwlab.suse.de:389 suffix="dc=hwlab,dc=suse,dc=de" binddn="cn=Administrator,dc=hwlab,dc=suse,dc=de" bindmethod=simple credentials=novell replogfile /var/lib/slurpd/replica/rep-log-master 4. Modify slapd.conf on node 2 add the entries updatedn "cn=Administrator,dc=hwlab,dc=suse,dc=de" replicationinterval 60 replica host=power720-2.hwlab.suse.de:389 suffix="dc=hwlab,dc=suse,dc=de" binddn="cn=Administrator,dc=hwlab,dc=suse,dc=de" bindmethod=simple credentials=novell replogfile /var/lib/slurpd/replica/rep-log-master 5. Create file on node 1 and node 2 power720-2:# touch /var/lib/slurpd/replica/rep-log-master power720-3:# touch /var/lib/slurpd/replica/rep-log-master 6. Modify /etc/sysconfig/openldap on node 1 and 2 Add the entries for "root" instead of user and group "ldap", Reference openldap 7. Migrate Data from node 1 to node 2 power720-2:# rcldap stop power720-2:# slapcat > /tmp/ldap.ldif power720-2:# scp /tmp/ldap.ldif power720-3:/tmp/ Logon the second node now. power720-3:# rcldap stop power720-3:# rm /var/lib/ldap/* power720-3:# slapadd -l /tmp/ldap.ldif 8. Power on the ldap and slurpd on the nodes Start ldap on node 1 power720-2:# rcldap start Start ldap on node 2 power720-3:# rcldap stop Start slurpd on node 1 power720-2:# rcslurpd start Start slurpd on node 2 power720-3:# rcslurpd start 9. Test Change user attributes on node 1, for example with yast, run an ldapsearch on node 2 before and after the changes. power720-3:# ldapsearch -x -D "cn=Administrator,dc=hwlab,dc=suse,dc=de" '(uid=hatester3)' -w novell 10. Make sure slurpd is started at boottime Run on node 1 power720-2:# insserv slurpd on node 2 power720-3:# insserv slurpd Any change in the LDAP will now be sent by the slurpd to the other nodes ldap server. This ldap server will apply the change and sent it back again as a change. But as the first node has this changes applied already there will be no change, so a possible loop is avoided while both ldap servers are synchronized all the time. Changes will only occour on the active node, as the other one is idle.