Re: partial replication of entries/attributes

[Stefan Alfredsson <bulk@alfredsson.org>]

On Thu, Jan 10, 2002 at 08:56:29AM +0100, Pierangelo Masarati wrote:
> Stefan Alfredsson wrote:
> > Is it possible to do a partial replication, i.e. only certain attributes
> > are taken into consideration?
> 
> No. I'd say "not yet" because I was thinking about doing something like 
> that some day.  A simple yet powerful solution would be to pass the data 
> being sent to each replica thru ACLs.

I came to think about this possiblity today myself; If the replica binddn
only has write access to certain attributes on the slave, would this
work as expected? 

Something like this springs to mind (slave config):

access to attrs=maillocaladdress,rfc822mailmember,cn,uid
	by dn="cn=repl,dc=acme,dc=org" write
	by * read

access to *
	by * read

Or would slurpd fail when it has no access to modify other attributes
on the slave? I.e. if only maillocaladdress is changed, it is successful.
If maillocaladdress and loginShell were changed at the same time,
there would be a conflict and the "transaction" would fail?

/Stefan