Re: OpenLDAP Replication - Trust or not to Trust?

["Kurt D. Zeilenga" <Kurt@OpenLDAP.org>]

At 01:54 PM 10/23/2004, Alex Franko wrote:
>I have 3 questions on Kurt's response:
>
>A) Does it mean that the following scenario from chapter 13 of  OpenLDAP
>Administration Guide is wrong (see below):

No.

>B) I think that not  ldapmodify , but the Client should chase referrals.

ldapmodify(1) is a LDAP client.

>So
>if  Client doesn't do that it means that other operations such -
>- ldapdelete, ldapmordn will not work also?

There are, I assume, clients which do support automatic chasing
of referrals.  However, as noted in the admin guide,
  ldapmodify(1) and other tools distributed as part of OpenLDAP
  Software do not support automatic referral chasing. 

>C) So if it is not a bug should be documentation updated correspondingly?
>     Isn't it possible to re-develop the Clent to chase referrals for updating utilities
>such as ldapmodify, etc  - with consideration of security issues?

ldapmodify(1) (and other OpenLDAP clients) can certainly be re-developed.

>Alex.
>
>
>"Kurt D. Zeilenga" <Kurt@OpenLDAP.org> wrote:
>At 12:43 PM 10/23/2004, Alex Franko wrote:
>>May be I misunderstood the documentation and my expectation that Client should automatically redirect request to the Master is wrong? 
>
>ldapmodify(1) doesn't automatically chase referrals
>(for security reasons).
>
>Kurt 
>
>
>Do you Yahoo!?
><http://us.rd.yahoo.com/mail_us/taglines/aac/*http://promotions.yahoo.com/new_mail/static/ease.html>Yahoo! Mail Address AutoComplete - You start. We finish.