[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: central database on one server, "dislocated" servers in many cities

Howard Chu wrote:

>> 5) moreover, in each branch, clients should be able to change their passwords,

>>and Samba should be able to add machines to the database automatically.
>>These changes should be added to the local machine (to save time on a tight
>>bandwidth, prevent failures due to broken link etc.), which would then be
>>transferred to the central server, and from there, to the rest of the branch offices.

For the realtime solution - use the chaining overlay in OpenLDAP 2.2 to force the replicas to directly update the master when a client performs a modification. This guarantees that changes will preserve data consistency, and avoids the problems of client-side referral chasing, but it requires that the master is reachable when a modification is performed.

OK... I guess I'd use "realtime" solution then.

Could you pint me to some documentation on "chaining overlay"?
In the whole "OpenLDAP 2.2 Admirator's Guide" there is no such word as "chaining", and there is only one word "chain", not very relevant to this topic.

As I said, this will be only used for changing passwords / adding machines, and as these are done rather seldom, it's OK if it's slow - connsistecy is a priority here.

I thought of using referrals for that, but I'm not sure if it's possible to use referrals just for write access:

1) passwords should be written to the master, and then replicated to slaves,

2) on the other hand, passwords should be read from slaves located locally - to provide fast access (and to prevent a situation when a link to the master is broken, and noone can log in, as connecting to master and getting password is impossible).