[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: permissions replication
- To: Christian Kratzer <ck-lists@cksoft.de>
- Subject: Re: permissions replication
- From: Miroslav Misek <miroslav.misek@netgarden.cz>
- Date: Sat, 11 Aug 2018 14:14:39 +0200
- Cc: openldap-technical@openldap.org
- Content-language: en-US
- In-reply-to: <alpine.BSF.2.21.999.1807041348350.67666@nocfra1.cksoft.de>
- References: <936543b2-d613-3c22-e5ce-c760e4ea8100@netgarden.cz> <alpine.BSF.2.21.999.1807041348350.67666@nocfra1.cksoft.de>
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
Hi,
one more question please about cn=config replication.
When I set it up, it will override local olcDatabase={2}hdb,cn=config.
By which I will gain olcAccess records, which I need,
but at the same time I will loose olcSyncRepl attribute for
olcDatabase={2}hdb,cn=config no? This attribute does not exist at master
server.
Thanks,
Miroslav Misek
On 4.7.2018 13:50, Christian Kratzer wrote:
Hi,
On Sun, 1 Jul 2018, Miroslav Misek wrote:
Hi,
I am setting up master-slave replication for our off-site office, so
it can use authentication against ldap even with internet
connectivity issues.
Replication itself is working without problems. But it replicates
only data and not olcAccess attributes on database. So I have to set
them manually.
Please is there any way to replicate those attributes too?
I found only one way, and it is master-master replication of
cn=config database.
And it is not usable in our environment. Off-site office don`t have
public ip. And it is better for me to have this ldap instance read-only.
you can setup replication for cn=config identically to how you setup
replication for your data.
If you can replicate your data by pulling from the master you can do
the same for cn=config.
Greetings
Christian