Hello list, With the following scenario
Client (A) <-----> back_ldap Proxy (B) <-----> syncrepl Slave (C) <-----> Master (D)
and B and C use a binddn that only has full read permissions on the database, except for a couple of attributes, on which it has full write permissions. Also, Each of the represented nodes can only "talk" to the nodes to which there is a represented connection, so (A) and (B) cannot chase a configured referral to (D).
What would be the proper way to setup (B) and (C) so that (A) could push updates for the couple of attributes into the master (D) node?
At the Slave level, i've already setup chaining and making it use (D) as updateref, but then any push on (B) would not propagate. I also noticed that in although i used mode=self, in the chaining, i had to configure a binddn which had full write permissions. Wouldn't it be sufficient to have a full read enabled binddn or even no binddn at all since the bind would then be made using the clients credentials?
Thanks in advance, Hugo Monteiro. -- fct.unl.pt:~# cat .signature Hugo Monteiro Email : [email protected] Telefone : +351 212948300 Ext.15307 Web : http://hmonteiro.net Divisão de Informática Faculdade de Ciências e Tecnologia da Universidade Nova de Lisboa Quinta da Torre 2829-516 Caparica Portugal Telefone: +351 212948596 Fax: +351 212948548 www.fct.unl.pt [email protected] fct.unl.pt:~# _
