[Date Prev][Date Next] [Chronological] [Thread] [Top]

replica and ssl

To: openldap-software@OpenLDAP.org
Subject: replica and ssl
From: Ottavio Campana <ottavio@campana.vi.it>
Date: Sat, 18 Dec 2004 10:02:00 +0100
User-agent: Mozilla Thunderbird 0.8 (X11/20040926)

Today I was thinking about replica and ssl.

When you copy the information from a master to a slave server how is the information moved? I mean, for I store password in a ldap server, should I do something special to protect them while they're replicated?

I've always configured the slave with something similar to

rootdn  "cn=admin,dc=qualcosa"
rootpw  "passwordcopia"

updatedn "cn=admin,dc=qualcosa"
updateref "ldap://serveroriginale";

and the master with something like

replogfile      /var/lib/ldap/replog

replica host=servercopia:389 binddn="cn=admin,dc=qualcosa"
        bindmethod=simple credentials=passwordcopia

Should I use something like host=ldaps://servercopia:636 in them amster and updateref "ldaps://serveroriginale:636" in the slave to use ssl and be secure?

--
Non c'è più forza nella normalità, c'è solo monotonia.

Attachment: signature.asc
Description: OpenPGP digital signature

Follow-Ups:
- Re: replica and ssl
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

Prev by Date: Re: Openldap and Thunderbird
Next by Date: Re: replica and ssl
Index(es):
- Chronological
- Thread