This is what we recommend ... http://www.redhat.com/docs/manuals/dir-server/ag/7.1/modify.html
How Referential Integrity Works
When the Referential Integrity Plug-in (see "Referential Integrity
Postoperation Plug-in," on page 510
<http://www.redhat.com/docs/manuals/dir-server/ag/7.1/plgintro.html#1080987>)
is enabled, it performs integrity updates on specified attributes
immediately after a delete or rename operation. By default, the
Referential Integrity Plug-in is disabled.
Note
The Referential Integrity Plug-in should only be enabled on one supplier
replica in a multi-master replication environment to avoid conflict
resolution loops. When enabling the plug-in on servers issuing chaining
requests, be sure to analyze your performance resource and time needs,
as well as your integrity needs. Integrity checks can be time-consuming
and draining on memory/CPU.
Kimmo Koivisto wrote:
HelloI tried the referential integrity plug-in and it worked as expected with single master environment and groupofnames and groupofuniquenames groups. I read the admin guide but there were some things that I did not fully understand:1. How about multimaster environment, if I have servers A and B and I enable plug-in to server A. When change is done to the server B, server A shoud make deletions ar modifications to the directory.But what if the server A is down for maintenance and user is deleted from server B, what happends? Does the server A do anything when it is started after maintenance?2. How to enable referential integrity to the memberUid attribute?I have user cn=user,c=fi that has uid=user and that user is added to group example so that there is attribute memberUid=user. When user is deleted, uid should be removed from example group. How to achieve this?I tried to add nsslapd-pluginarg7=memberUid to the plugin but it did not work. I'm testing this with FC4 and FDS 1.0.4. Best Regards Kimmo Koivisto -- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
