[Date Prev][Date Next] [Chronological] [Thread] [Top]

replication security



hi everybody,

i have a couple of small questions regarding my openldap replication setup, if anyone knows the answers i would appreciate it enormously :-)

if i run with a cleartext password for the updatedn, and turn off readonly on the slave, all works well, i.e.

master-

replica host=master.my.local:389
 binddn="cn=Manager,dc=my,dc=local"
 bindmethod=simple credentials=mypass
 syncrepl

slave-

updatedn "cn=Manager,dc=my,dc=local"
 referral ldap://master.my.local

but i have read that the slave should really be readonly, yet when i add

 readonly on

to the slave configuration, it won't allow me to update!

my other query regards the {SSHA} password option used by the master to bind to the slave, as i can't get this going either. i.e.

master-

 bindmethod=simple credentials={SSHA}dfsEWF4fw4wrqdsFSD

does this hashed manager password need to be generated on the slave or the master? or should either suffice?

thank you very much in advance for any guidance!

john

_______________________________________________
Join Excite! - http://www.excite.com
The most personalized portal on the Web!