[Date Prev][Date Next] [Chronological] [Thread] [Top]

questions on replication

Recently, I've set up replication under OpenLDAP 1.2.11.  At the moment, 
I have a single slave.

On the master, I have:

    replica        host=slave:389

And on the slave:

    referral       ldap://master/
    updatedn       "uid=replica,..."
    access         to *
                   by dn=uid=replica,... write

I have a few problems/questions:

  1.  Are the "rootdn" and "rootpw" directives still needed in slapd.conf 
      on the slave server? 

      By leaving them there, am I allowing the slave server to be modified 
      "directly", outside of the replication process?  Is this a good thing?

  2.  If I use the 'ldapmodify' command and attempt to change something on 
      a slave server, and I do *not* bind as the updatedn, what result 
      should I get? 

      I'm expecting to receive a referral, but don't expect 'ldapmodify' to 
      chase the referral.  However, I'm getting:

        ldap_modify: No such object

      instead.  If I retry the 'ldapmodify' command and bind as the updatedn, 
      then the command is successful.  So the object *does* exist in the 

Thomas J. Pinkl                         738 Louis Drive
Unix Systems Programmer                 Warminster, Pa 18974
Health Business Systems, Inc.           (215) 442-9300 x9260