[Date Prev][Date Next] [Chronological] [Thread] [Top]

Securing against writes on slave slapd

To: openldap-software@openldap.org
Subject: Securing against writes on slave slapd
From: Cian Davis <davisc@skynet.ie>
Date: Tue, 27 Feb 2007 19:18:38 +0000
User-agent: Thunderbird 1.5.0.9 (Windows/20061207)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hi All,
Apologies if this has been posted before - I had a search through the
archives but couldn't find anything.

We have a master slapd and slurpd feeding to a slave LDAP server - all
user info, including auth, comes from LDAP. The LDAP master machine
has /home and the slave runs the mail server. I had thought that I saw
something in the OpenLDAP manual that you could force any attempted
changes on the slave server to be redirected to the master (and then
obviously, the changes would get to the slave via a push from slurpd).
But after numerous searches, I can't find it. Was I imagining things
or is there such a directive?

Now this may sound stupid, but if you put the slave slapd into
readonly mode, can it accept updates from slurpd on the master? It
would reduce the chances of writes being made to the slapd on the
slave and causing synchronisation headaches.

Regards,
Cian Davis


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFF5IQO2yUma7R/3b8RAoP+AJ957698itvq1ftWXl9qfItnvDk+dwCeLSYM
JaiuX7U9+Svz2bfk7s8yGG4=
=RoOK
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: Securing against writes on slave slapd
  - From: "matthew sporleder" <msporleder@gmail.com>

Prev by Date: Re: dynamic config support for unique overlay
Next by Date: Re: Securing against writes on slave slapd
Index(es):
- Chronological
- Thread