[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: translucent overlay - bogus local entries

To: Steve Eckmann <steve.eckmann@issinc.com>, "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Subject: Re: translucent overlay - bogus local entries
From: Howard Chu <hyc@symas.com>
Date: Sun, 19 May 2013 07:01:37 -0700
In-reply-to: <86886F8370089B40AD301C149FCF6A53191B64E1@BL2PRD0412MB632.namprd04.prod.outlook.com>
References: <86886F8370089B40AD301C149FCF6A53191B64E1@BL2PRD0412MB632.namprd04.prod.outlook.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:23.0) Gecko/20100101 Firefox/23.0 SeaMonkey/2.20a1

Steve Eckmann wrote:

We noticed that adding a local entry for which there is no corresponding
remote entry doesn’t cause an error to be reported, but the bogus local entry
cannot then be found or deleted, as far as I can tell. I realize it was a
mistake to add such an entry, but is it possible to configure the translucent
overlay to prevent the client from making this mistake, or is it up to the
client to ensure a remote entry exists before adding a local entry? And is
there some way to find and delete such bobus local entries, either via LDAP
commands or by directly querying and managing the local mdb instance?

Adds only work when performed by the rootDN. Likewise for Deletes. If yourclients are using the rootDN for routine operation, you're doing something wrong.


--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Follow-Ups:
- RE: translucent overlay - bogus local entries
  - From: Steve Eckmann <steve.eckmann@issinc.com>

References:
- translucent overlay - bogus local entries
  - From: Steve Eckmann <steve.eckmann@issinc.com>

Prev by Date: translucent overlay - bogus local entries
Next by Date: RE: translucent overlay - bogus local entries
Index(es):
- Chronological
- Thread