[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Replication using conditions
On Sat, Apr 19, 2003 at 04:11:18PM +0200, Jerome Walter wrote:
> First question : is it possible to consider replicating some fields of an
> account ? Do i have to patch something to make it work ?
>
> Second point : assuming that the precedent point is possible, and to have an
> "evolutive" schema, is it possible to consider matching conditions on the
> value of a field (i.e. if userAccess=A then replicate this, else not) ?
I have never tried this myself, but you should check the slapd.conf(5) manpage
about the replica directive and the "attr" parameter, reproduced below:
replica host=<hostname>[:port] [tls=yes|critical] [suffix=<suffix>
[...]] bindmethod=simple|sasl [binddn=<simple DN>]
[credentials=<simple password>] [saslmech=<SASL mech>]
[secprops=<properties>] [realm=<realm>] [authcId=<authentication
ID>] [authzId=<authorization ID>] [attr[!]=<attr list>]
Specify a replication site for this database. Refer to the
"OpenLDAP Administrator's Guide" for detailed information on
setting up a replicated slapd directory service. Zero or more
suffix instances can be used to select the subtrees that will be
replicated (defaults to all the database). A bindmethod of
simple requires the options binddn and credentials and should
only be used when adequate security services (e.g TLS or IPSEC)
are in place. A bindmethod of sasl requires the option saslmech.
Specific security properties (as with the sasl-secprops keyword
above) for a SASL bind can be set with the secprops option. A
non-default SASL realm can be set with the realm option. If the
mechanism will use Kerberos, a kerberos instance should be given
in authcId. An attr list can be given after the attr keyword to
allow the selective replication of the listed attributes only;
if the optional ! mark is used, the list is considered
exclusive, i.e. the listed attributes are not replicated. If an
objectClass is listed, all the related attributes are (are not)
replicated.