[Date Prev][Date Next] [Chronological] [Thread] [Top]

replication security

To: OpenLDAP-software@OpenLDAP.org
Subject: replication security
From: "John Halfpenny" <jhalfpenny@excite.com>
Date: Wed, 9 Nov 2005 07:05:28 -0500 (EST)

hi everybody,

i have a couple of small questions regarding my openldap replication setup, if anyone knows the answers i would appreciate it enormously :-)

if i run with a cleartext password for the updatedn, and turn off readonly on the slave, all works well, i.e.

master-

replica host=master.my.local:389
 binddn="cn=Manager,dc=my,dc=local"
 bindmethod=simple credentials=mypass
 syncrepl

slave-

updatedn "cn=Manager,dc=my,dc=local"
 referral ldap://master.my.local

but i have read that the slave should really be readonly, yet when i add

 readonly on

to the slave configuration, it won't allow me to update!

my other query regards the {SSHA} password option used by the master to bind to the slave, as i can't get this going either. i.e.

master-

 bindmethod=simple credentials={SSHA}dfsEWF4fw4wrqdsFSD

does this hashed manager password need to be generated on the slave or the master? or should either suffice?

thank you very much in advance for any guidance!

john

_______________________________________________
Join Excite! - http://www.excite.com
The most personalized portal on the Web!

Follow-Ups:
- Re: replication security
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

Prev by Date: Re: High CPU usage with syncrepl on 2.26
Next by Date: Replication works, but logfile is not written to
Index(es):
- Chronological
- Thread