[Date Prev][Date Next] [Chronological] [Thread] [Top]

Is one-way replication possible?

To: openldap-software@openldap.org
Subject: Is one-way replication possible?
From: "Mariano Aliaga" <marianoaliaga@gmail.com>
Date: Fri, 28 Sep 2007 11:28:56 -0300
Content-disposition: inline

Hi,
   I have the following situation:

ServerA:
   It is not managed by me and I can just take user and group
information from it.

dc=foo,dc=com
  |_ ou=Groups
  |_ ou=Users

ServerB:
   Managed by me, it's a Samba PDC backend and account database for
several services.

dc=bar,dc=com
  |_ ou=Computers
  |_ ou=Groups
  |_ ou=Users
  .
  .
  .

On ServerB I have the same users (uid's) as ServerA AND users from my
location. What I need is to sync just the userPassword attribute from
users on ServerA to the same users on ServerB.

Now, I thought about using syncrepl, but I have several problems:
   a. The BaseDN's are different. I would manage to change it on
ServerB if have no choice, but would rather "suffixmassage" it in some
way if possible.
   b. If I configure ServerB as a slave, then I can't modify it any
more, cause it referres modifications to the master. I just want the
userPassword synced from ServerA, but I need to be able to manage the
other users and objects on the tree. So, the replication should be
kind of "one-way only", but don't know if such thing is possible.

I would be very grateful if someone could help me with pointers or
suggestions about how to accomplish this, or what alternatives do I
have for a schema like this.

Thanks in advance.-

Follow-Ups:
- Re: Is one-way replication possible?
  - From: Guillaume Rousse <Guillaume.Rousse@inria.fr>

Prev by Date: Re: Center for Internet Security benchmark for OpenLDAP
Next by Date: Re: Center for Internet Security benchmark for OpenLDAP
Index(es):
- Chronological
- Thread