[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Replication Suggestions



> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Philip Burrow

> Dear all

> I have tested this out and it works alright. Replication from master to
> slave - using a pre-defined replication user that is not the rootdn - is
> fine. What puzzles me is making the slave chase a referral and making it
> rebind as something other than anonymous.

Servers don't chase referrals, clients do. The slave sends a referral to the
client and it's up to the client to chase it.

> I have read in the archives
> that this is not possible with any version of the OpenLDAP client tools.
> If it isn't, what should I be doing to make this setup do what I want,
> as replication isn't a great deal of use otherwise? Would SASL help me?
> If so, how and why? I'm not particularly worried about security at this
> stage - I just want it to work.

The library provides functions to support authenticated rebinds. The command
line tools that we provide don't use this feature. If you want it, use the
library to develop your own clients, or add the one or two functions needed
to the existing clients. When using Simple Bind it's a security liability,
but since you're not concerned there, there's nothing stopping you.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support