[Date Prev][Date Next] [Chronological] [Thread] [Top]

Partial replication of attributes


I use openldap 2.1.12, bdb 4.1.25, redhat 8.0

I've read from man slapd.conf that we can partialy replicate :-)
However with the following configuration, I get all of my attributes replicated !?

replica         host=ldaptux1.int-evry.fr:9000
		#restriction to a subtree
		#restrict to a subset of objectclass
                objectclass="person organizationalPerson inetOrgPerson"
                bindmethod=simple   credentials=secret

I insert a new ldap entry with ldapadd, the entry ldif file containing:

objectClass: inetLocalMailRecipient
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: account
objectClass: posixAccount
objectClass: IntE-user
objectClass: labeledURIObject
objectClass: strongAuthenticationUser
objectClass: certificationAuthority
objectClass: top
objectClass: kerberosSecurityObject
objectClass: shadowAccount

and lots of related attributes, ei: homeDirectory

the ldapadd works fine, but on the replica machine I still get the wall set of attributes/objeclass for that new entry, although I wanted to restrict to attributes from objectclass="person organizationalPerson inetOrgPerson" as stated in my slapd.conf file . What is wrong ?

Second question: How can you initiate the database of the replica ? If I traditionnally do a slapcat on both master & slave, I get initialy all on the slave :-( !. Should I reinitiate both master & slave by a ldapadd of the wall database ?