[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: translucent overlay with local-only entries



Howard Chu wrote:
Sven Ulland wrote:
[...]
Gavin Henry wrote:
I see local *modifications*, yes. Example: A remote entry with
uid=andrew is edited on the translucent extension with a new
description. When searching, I see the locally changed description
without problems.

On the other hand, when I create *entries* that only exist on the
translucent extension, I never see any sign of them when searching. I
do see them when running slapcat, so they are indeed present in the
local database.

This should be fixed with Howard's 2.4.8 patch some time ago,

No.

Re-read the slapo-translucent manpage:

 >>>
Entries retrieved from a remote LDAP server may have some or all
attributes overridden, or new attributes added, by entries in the
local database before being presented to the client.
<<<

Entries that only exist locally have no meaning. Translucency is
only for modifying the view of an entry that already exists
remotely.

Then I have misunderstood the wording in the man page, specifically this: "With [translucent_local], search filters will be split into a local and remote portion, and local attributes will be searched locally." I also wrongly assumed that it would be possible, given Gavin's follow-ups.

Now that it's clear that slapo-translucent alone won't do what I'm
after (a stand-alone directory extension with local-only attribute
changes and also local-only entries), the proper way might be to use a
local directory, slapd-meta using the master and local directories, with
default-target pointing to the local dir for writes. That should at
least be a place to start. I'll see if I can get it working.

sven