Re: AW: Replication between different Versions of server

[Paul Jakma <paul@clubi.ie>]

ah ok... so there is a reason.

what reason is there for the ldap library to bind anonymously when
following refferals. I bound to the original server with a valid dn
for a reason, because i might want to change something.

the original server reffers me because it knows it can't handle a
write.

so why not use the original bind dn when binding to the reffered
server?

doing otherwise makes working with an ldap cluster slightly
un-transparent.

thanks and regards,

Paul Jakma.

On Tue, 15 May 2001, Pierangelo Masarati wrote:

> Paul Jakma wrote:
>
> > On Mon, 14 May 2001, Pierangelo Masarati wrote:
> >
> > > modification. The only missing functionality would be the referral return
> > > on write attempt.
> >
> > how do you get the refferal on write to work? it will not work for
> > me -> clients that try to write to the slave are reffered to the
> > master alright, but they always get "insufficient access". same
> > client on same entry, same acl being applied but talking to the
> > master LDAP server (hence with correct bind dn) can modify the entry.
>
> By default, when automatically following referrals, LDAP performs
> an anonymous bind. To change this behaviour, if you're coding the
> client you must perform an explicit rebind, see ldap_set_rebind_proc(3).
> Otherwise, you should disable the automatical referral chasing, and
> reissue the write operation to the new target. This is what I got.
> You should check some rfc on the subject, though, for more detailed
> explanations.
>
> Pierangelo.
>
> --
> Dr. Pierangelo Masarati    mailto:ando@sys-net.it
> Developer, SysNet s.n.c.   http://www.sys-net.it
>
>
>
>
>

-- 
Paul Jakma	paul@clubi.ie	paul@jakma.org
PGP5 key: http://www.clubi.ie/jakma/publickey.txt
-------------------------------------------
Fortune:
At the source of every error which is blamed on the computer you will find
at least two human errors, including the error of blaming it on the computer.