[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: replication security





--On Wednesday, November 09, 2005 7:05 AM -0500 John Halfpenny <jhalfpenny@excite.com> wrote:


hi everybody,

i have a couple of small questions regarding my openldap replication
setup, if anyone knows the answers i would appreciate it enormously :-)

if i run with a cleartext password for the updatedn, and turn off
readonly on the slave, all works well, i.e.

master-

replica host=master.my.local:389
 binddn="cn=Manager,dc=my,dc=local"
 bindmethod=simple credentials=mypass
 syncrepl

slave-

updatedn "cn=Manager,dc=my,dc=local"
 referral ldap://master.my.local

but i have read that the slave should really be readonly, yet when i add

readonly on

I think you are confusing things... By "readonly" it is meant that people shouldn't be able to write changes to the slave, only to the master. If you have correctly set up replication, this will be the case by default.


--Quanah


-- Quanah Gibson-Mount Principal Software Developer ITSS/Shared Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html