[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: syncrepl and openLDAP sync feature

To: <openldap-software@openldap.org>
Subject: RE: syncrepl and openLDAP sync feature
From: "Mark Mcdonald" <mmcdonald@staff.iinet.net.au>
Date: Tue, 17 Apr 2007 10:07:02 +0800
Content-class: urn:content-classes:message
Thread-index: AceAXt7l1sQ/x7zdTqWJJjX+uoFhxAANBX8Q
Thread-topic: syncrepl and openLDAP sync feature

Joachim Hergeth (GTS) <mailto:jhergeth@freenet.de> wrote on Monday, April 16,
2007 10:58 PM: 
> To my knowledge and experience it is not possible to change data in an
> LDAP-consumer. You have to change the data in the producer and it then
> gets forwarded to the consumer by the syncrepl process.
> I observed this in my OpenLDAP installation.
> 
> Please correct me if I am wrong or if specific options have to be used to
> enable it. 

This is correct, as the names suggest the Provider will provide changes to the consumer(s).  In some circumstances it is possible (although extrememly bad practice) to impersonate the provider to make a change on a consumer, but the consumer will not notify any other nodes as it that is the role of the provider.

A 'normal' LDAP system consists of a provider who feeds all data to consumers.  The consumers receive changes ONLY from the provider and the provider will receive updates from your clients.  There are other situations (multiple-tier systems, multiple providers, etc) that require quite a bit more knowledge to configure.

Consumers are able to refer updates to the provider using referrals.  For more information search the list archives for referrals.

Mark

Follow-Ups:
- Re: syncrepl and openLDAP sync feature
  - From: Howard Chu <hyc@symas.com>

Prev by Date: ldapadd doubt
Next by Date: Re: ldapadd doubt
Index(es):
- Chronological
- Thread