Re: syncrepl in OpenLDAP 2.3.x and updating on a replica

[Filipe Brandenburger <filipe.brandenburger@idilia.com>]

Quanah Gibson-Mount wrote:
>> I would like to have something closer to what happens when using
>> slurpd, which seems to be more transparent to clients. I tried to set
>> "updatedn" but slapd complained that it is supported when using
>> slurpd.
> 
> I'm not sure what you mean.  You would get a referral using slurpd
> replication too, 

It's true. I hadn't realised that, and I somehow when I tested that I
got the wrong impression.

So, my questions are:

1. How do I get ldapmodify, ldapdelete, ... to follow referrals?

2. Will pam_ldap (when changing passwords) follow referrals?

> You can of course force updates to the slave to chain up to the master
> so they get written to the correct place, see the test suite.

I believe you're talking about "overlay chain", I looked at the
documentation but it seemed to be far more complex than what I want (I
just want to nss_ldap/pam_ldap load balance the queries between the two
machines.) I will try to see if referrals will work first, then I'll
start going down that route.

Thanks!
Filipe