[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: syncrepl in OpenLDAP 2.3.x and updating on a replica



On Monday 16 June 2008 20:43:35 Filipe Brandenburger wrote:
> Filipe Brandenburger wrote:
> >> A better answer is that the OpenLDAP ldapmodify and ldapdelete tools
> >> will not follow referrals. If you're working in a setup that uses
> >> referrals, and you need the ldapmodify tool to work, then you need to
> >> use chaining.
> >
> > What about "passwd" over "pam_ldap"? Will it follow referrals? That's
> > the one I *need* to keep working.
>
> I just tested this, and it works: pam_ldap follows referrals.

Yes, this is a feature that has worked for quite some time (keeping start_tls 
over a referral however was fixed in the past two years).

> So, I guess having a "host" entry that points to a RR DNS will be the
> way I'll go on this one.
>
> I'll just have to take care of the other scripts that insert/delete
> users to ignore /etc/ldap.conf and point to the master directly.

Uh, most other mature tools already support master/slave operation, ones that 
don't should have bugs filed against them.

Regards,
Buchan