[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: syncbackup



> -----Original Message-----
> From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org]

> >>       * contextCSN LDAP control
> >>
> >>          This is a LDAPv3 LDAP control. When the master
> propagates the
> >>       operation, it puts the appropriate contextCSN value to the
> >>       operation. If the backup server gots the contextCSN control,
> >>       it uses the value rather than using lutil_csnstr().
> >
> >I see that this is a good idea when performing synchronous
> replication of
> >this type.
>
> It would be nice to have a control which allowed a client to
> provide NO-USER-MODIFICATION values to the servers.  This would
> be particularly useful when inserting entries whose UUIDs, CSNs, etc.
> were created externally.

Sounds kinda like doing an end-run around the schema. But it definitely seems
to be necessary since we can't distinguish server-to-server traffic from
client-to-server traffic. How do we prevent this type of control from being
misused/abused?
  -- Howard