[Date Prev][Date Next] [Chronological] [Thread] [Top]

chaining through proxy and slave

Hello list,

With the following scenario

Client (A) <-----> back_ldap Proxy (B) <-----> syncrepl Slave (C) <-----> Master (D)

and B and C use a binddn that only has full read permissions on the database, except for a couple of attributes, on which it has full write permissions. Also, Each of the represented nodes can only "talk" to the nodes to which there is a represented connection, so (A) and (B) cannot chase a configured referral to (D).

What would be the proper way to setup (B) and (C) so that (A) could push updates for the couple of attributes into the master (D) node?

At the Slave level, i've already setup chaining and making it use (D) as updateref, but then any push on (B) would not propagate. I also noticed that in although i used mode=self, in the chaining, i had to configure a binddn which had full write permissions. Wouldn't it be sufficient to have a full read enabled binddn or even no binddn at all since the bind would then be made using the clients credentials?

Thanks in advance,

Hugo Monteiro.

fct.unl.pt:~# cat .signature

Hugo Monteiro
Email	 : hugo.monteiro@fct.unl.pt
Telefone : +351 212948300 Ext.15307
Web      : http://hmonteiro.net

Divisão de Informática
Faculdade de Ciências e Tecnologia da
		   Universidade Nova de Lisboa
Quinta da Torre   2829-516 Caparica   Portugal
Telefone: +351 212948596   Fax: +351 212948548
www.fct.unl.pt                apoio@fct.unl.pt

fct.unl.pt:~# _