[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: bindmethod and credentials in slurpd replication.

Sai wrote:
> Our server team does not want to update our openldap version beyond 2.2
> because redhat supports 2.2 as the latest and greatest for RHEL4.
> So I am trying to configure slurpd replication for them. I got the
> replication to work.

Don't take it personally but I consider such the decision of your server
team to be really stupid.

1. OpenLDAP release series 2.2.x is ancient. It reached end of life
years ago. There are no updates anymore by the OpenLDAP project, even no
security updates. Don't expect support here if you run into any specific
problems. Ask Red Hat support then. Especially you should not deploy
2.2.13 which AFAIK was shipped with RHEL4.

2. There are good reasons why slurpd was replaced by syncrepl
implementation and deprecated in release 2.3.x and removed from release
series 2.4.x. You shouldn't use it in a serious deployment today.

> But when defining “replica”, I got the following
> questions.
> 1)        For credentials, can I use hashed password like for rootpw

No, credentials have to provided in clear since slurpd is a LDAP client
to the slave.

Ciao, Michael.