[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
FW: Chaining
- To: <openldap-software@openldap.org>
- Subject: FW: Chaining
- From: "Jorge Medina" <jmedina@e-dialog.com>
- Date: Tue, 1 Jul 2008 17:21:55 -0400
- Content-class: urn:content-classes:message
- Thread-index: AcjbT99ixiirtECkRzCnPJAX8hVldgAZgBawAAKbAgA=
- Thread-topic: Chaining
I mean, I get "TLS negotiation failure" on the syslog when attempting to
change an attribute on an entry when using the slave server.
-----Original Message-----
From: Jorge Medina
Sent: Tuesday, July 01, 2008 5:08 PM
To: openldap-software@openldap.org
Subject: RE: Chaining
I am trying to create a master-slave replication with chaining overlay
enabled in the slave to redirect writes request to the master.
I have it working using ldap:// but I have not been able to configure
the chain overlay using a secure connection ldaps:// (running on port
5636 on the master)
My master server do not require client certificates.,
I added the following lines:
overlay chain
chain-uri "ldaps://masterldap.example.com:5636"
chain-idassert-bind bindmethod="simple"
binddn="cn=Manager,dc=example,dc=com"
credentials="secret"
mode="self"
tls_cacert="/path/to/my/CA/cert.pem"
chain-return-error TRUE
But I get "TLS negotiation failure" on the syslog
I am using ldaps:// for replication, but I can't configure it for
chaining
Any hints?
-----Original Message-----
From: Gavin Henry [mailto:ghenry@suretecsystems.com]
Sent: Tuesday, July 01, 2008 3:55 AM
To: Jorge Medina
Cc: openldap-software@openldap.org
Subject: Re: Chaining
<quote who="Jorge Medina">
> One more question, this time on the chaining overlay.
>
>
>
>
>
> "What is chaining? It indicates the capability of a DSA to follow
> referrals on behalf of the client, so that distributed systems are
> viewed as a single virtual DSA by clients that are otherwise unable to
> "chase" (i.e. follow) referrals by themselves."
>
>
>
> In the example shown at
> http://www.openldap.org/doc/admin24/overlays.html#Chaining
>
>
>
> Is the chaining overlay example used to forward write
> requests from the syncrepl slaves to the master server?
>
Yes, correct.
--
Kind Regards,
Gavin Henry.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghenry@suretecsystems.com
Open Source. Open Solutions(tm).
http://www.suretecsystems.com/
Suretec Systems is a limited company registered in Scotland. Registered
number: SC258005. Registered office: 13 Whiteley Well Place, Inverurie,
Aberdeenshire, AB51 4FP.