[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: write only referrals - possible?
>From my (limited) knowledge of samba (3.0.X), it allows to configure both
the slave and the master DSA for users storage, and autimatically directs
password changes to the master even when reading from a slave. Consult
samba's documentation for details.
p.
> In my case, I use OpenLDAP for Samba authentication and would like to
> use one central OpenLDAP server for storing usernames and their
> passwords for all office branches - from central server they would be
> replicated to all slaves in branch offices.
>
> Sounds very easy, but I would like to allow users to change their
> passwords, without having them to drive to where the central server is :)
>
> The whole process should look like below - taken from chapter 13.1 of
> Admin's Guide:
>
> 1. The LDAP client submits an LDAP modify operation to the slave slapd.
>
> 2. The slave slapd returns a referral to the LDAP client referring the
> client to the master slapd.
>
> 3. The LDAP client submits the LDAP modify operation to the master slapd.
>
> 4. The master slapd performs the modify operation, writes out the change
> to its replication log file and returns a success code to the client.
>
>
> Does it mean that it is possible to construct a "write only" referral?
>
>
> For example, I would like to have a write-only referral (reading should
> be done from a slave) for:
>
> uid=<EVERYUSER>,ou=Users,dc=example,dc=com
>
> and from there, only attributes "sambaLMPassword" and "sambaNTPassword".
>
> Is it possible? If so, how?
>
>
> Tomek
>
>
>
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497