[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: replication security

To: <jhalfpenny@excite.com>, <OpenLDAP-software@OpenLDAP.org>
Subject: RE: replication security
From: "Ran Li" <Ran.Li@sprint-canada.com>
Date: Wed, 9 Nov 2005 16:12:13 -0500
Content-class: urn:content-classes:message
Thread-index: AcXlUhkdbiXLhNuNSiadIWbfZHgbMAAG9Sgw
Thread-topic: replication security

just a thought, the problem you could not update could be you use the
rootdn of slave as updatedn.

-----Original Message-----
From: owner-openldap-software@OpenLDAP.org
[mailto:owner-openldap-software@OpenLDAP.org] On Behalf Of John
Halfpenny
Sent: Wednesday, November 09, 2005 7:05 AM
To: OpenLDAP-software@OpenLDAP.org
Subject: replication security

hi everybody,

i have a couple of small questions regarding my openldap replication
setup, if anyone knows the answers i would appreciate it enormously :-)

if i run with a cleartext password for the updatedn, and turn off
readonly on the slave, all works well, i.e.

master-

replica host=master.my.local:389  binddn="cn=Manager,dc=my,dc=local"
 bindmethod=simple credentials=mypass
 syncrepl

slave-

updatedn "cn=Manager,dc=my,dc=local"
 referral ldap://master.my.local

but i have read that the slave should really be readonly, yet when i add

 readonly on

to the slave configuration, it won't allow me to update!

my other query regards the {SSHA} password option used by the master to
bind to the slave, as i can't get this going either. i.e.

master-

 bindmethod=simple credentials={SSHA}dfsEWF4fw4wrqdsFSD

does this hashed manager password need to be generated on the slave or
the master? or should either suffice?

thank you very much in advance for any guidance!

john

_______________________________________________
Join Excite! - http://www.excite.com
The most personalized portal on the Web!

Prev by Date: Installation Troubles openldap / openssl
Next by Date: Re: BDB malloc problems and DB corruption
Index(es):
- Chronological
- Thread