Replication of accounts is always a challenge :).
What I have seen being used is the Retro changelog mechanism.
A script will poll for changes and keep track of what has been processed and synced to the other side.
Where are the accounts originally created?
I get the idea the source is your Oracle Database?
I really hope you do not create accounts in both, that would make it very complex and it should not be done from an architectural point of view.
Some remarks about your list:
- a multi-master setup does use its own storage, replication is done on an LDAP level. Hence I do not understand the shared storage.
Depending on which of the 2 masters is less likely to fail, you could choose that one, or let the script talk to the cluster IP address if you use that.
I would like to learn more about which part is master and how accounts are created to be able to say if this is a good solution.
You could also use a bus construction if you are planning to do more syncing in the future, like: