[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: replication security

just a thought, the problem you could not update could be you use the
rootdn of slave as updatedn.

-----Original Message-----
From: owner-openldap-software@OpenLDAP.org
[mailto:owner-openldap-software@OpenLDAP.org] On Behalf Of John
Sent: Wednesday, November 09, 2005 7:05 AM
To: OpenLDAP-software@OpenLDAP.org
Subject: replication security

hi everybody,

i have a couple of small questions regarding my openldap replication
setup, if anyone knows the answers i would appreciate it enormously :-)

if i run with a cleartext password for the updatedn, and turn off
readonly on the slave, all works well, i.e.


replica host=master.my.local:389  binddn="cn=Manager,dc=my,dc=local"
 bindmethod=simple credentials=mypass


updatedn "cn=Manager,dc=my,dc=local"
 referral ldap://master.my.local

but i have read that the slave should really be readonly, yet when i add

 readonly on

to the slave configuration, it won't allow me to update!

my other query regards the {SSHA} password option used by the master to
bind to the slave, as i can't get this going either. i.e.


 bindmethod=simple credentials={SSHA}dfsEWF4fw4wrqdsFSD

does this hashed manager password need to be generated on the slave or
the master? or should either suffice?

thank you very much in advance for any guidance!


Join Excite! - http://www.excite.com
The most personalized portal on the Web!