[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: replication security

To: jhalfpenny@excite.com, OpenLDAP-software@OpenLDAP.org
Subject: Re: replication security
From: Quanah Gibson-Mount <quanah@stanford.edu>
Date: Wed, 09 Nov 2005 12:00:36 -0800
Content-disposition: inline
In-reply-to: <20051109120528.D27DC3E0E@xprdmailfe12.nwk.excite.com>
References: <20051109120528.D27DC3E0E@xprdmailfe12.nwk.excite.com>

--On Wednesday, November 09, 2005 7:05 AM -0500 John Halfpenny <jhalfpenny@excite.com> wrote:


hi everybody,

i have a couple of small questions regarding my openldap replication
setup, if anyone knows the answers i would appreciate it enormously :-)

if i run with a cleartext password for the updatedn, and turn off
readonly on the slave, all works well, i.e.

master-

replica host=master.my.local:389
 binddn="cn=Manager,dc=my,dc=local"
 bindmethod=simple credentials=mypass
 syncrepl

slave-

updatedn "cn=Manager,dc=my,dc=local"
 referral ldap://master.my.local

but i have read that the slave should really be readonly, yet when i add

readonly on

I think you are confusing things... By "readonly" it is meant that people shouldn't be able to write changes to the slave, only to the master. If you have correctly set up replication, this will be the case by default.

--Quanah


--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

References:
- replication security
  - From: "John Halfpenny" <jhalfpenny@excite.com>

Prev by Date: Re: How do I run a query on the bdb database before I've started listening for incoming request?
Next by Date: Re: Replication works, but logfile is not written to
Index(es):
- Chronological
- Thread