If you are using openldap 2.1.x you can selectively replicate attributes using the ‘attr’ directive in the slapd.conf file under your replica statement for a given slave. For example:
replica host=172.16.20.10:389 suffix="ou=people,dc=example,dc=com" suffix="ou=hosts,dc=example,dc=com" binddn="cn=Manager,dc=example,dc=com" bindmethod=simple credentials="password” attr!=homeTelephoneNumber, streetAddress
The ‘attr!=’ equality tells slurpd not to replicate the attributes on the right side of the equality. An ‘attr =’ statement would dictate the attributes that you wanted to replicate.
Mike
-----Original Message-----
hi alls and happy new year!!
at my system i have a master server and several slaves. well, i want add one more slave, but this slave is special because it isnt at my network but at the network of my client. ok i dont want that he see all attributes for each entry.
i have to export all attributes for each entry to this new slave because if master try to replicate one attribute that dont exists at the new slave i will have one replication error.
are there any ways to restrict the replication only for some attributes?
i know that there are restrict for users and for branchs of the tree server.
if there not ways, do somebody suggest other solution?
thanks for all and kind regards!
agustin. |