[Date Prev][Date Next]
Securing against writes on slave slapd
-----BEGIN PGP SIGNED MESSAGE-----
Apologies if this has been posted before - I had a search through the
archives but couldn't find anything.
We have a master slapd and slurpd feeding to a slave LDAP server - all
user info, including auth, comes from LDAP. The LDAP master machine
has /home and the slave runs the mail server. I had thought that I saw
something in the OpenLDAP manual that you could force any attempted
changes on the slave server to be redirected to the master (and then
obviously, the changes would get to the slave via a push from slurpd).
But after numerous searches, I can't find it. Was I imagining things
or is there such a directive?
Now this may sound stupid, but if you put the slave slapd into
readonly mode, can it accept updates from slurpd on the master? It
would reduce the chances of writes being made to the slapd on the
slave and causing synchronisation headaches.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----