[Fedora-directory-users] FDS and OpenLDAP integration
Richard Megginson
rmeggins at redhat.com
Mon Sep 10 15:28:00 UTC 2007
Matteo Angelino wrote:
> Thank's
> I have used the first solution, I hv added the followin line in my
> slapd.conf
>
> attr!=structuralObjectClass
>
> I have added othe two line in my slapd.conf
>
> attr!=entryUUID
> attr!=entryCSN
>
> with this 3 line the replication work fine.
Great! I've added this information here -
http://directory.fedoraproject.org/wiki/Howto:OpenldapIntegration
>
> On Sep 7, 2007, at 6:20 PM, Pierangelo Masarati wrote:
>
>> Pierangelo Masarati wrote:
>>
>>> Since the structuralObjectClass attribute is supposed to have a very
>>> special meaning for the DSA (RFC 4512), just adding it as a user
>>> attribute seems to me quite a broken approach. Provided you're
>>> running a decent version of OpenLDAP, you should be able to filter
>>> out undesired attributes from the replication process. For example,
>>> in slapd.conf (from slapd.conf(5) man page of OpenLDAP 2.3, but the
>>> feature exists since OpenLDAP 2.1, I think)
>>> replica [...]
>>> attr!=structuralObjectClass
>>> will prevent slurpd from replicating the negated attribute list.
>>
>> Just for the records: a custom patch in this sense was developed by
>> SysNet back in the old times of OpenLDAP 2.0 exactly for the purpose
>> of replicating an OpenLDAP server to a proprietary LDAP server that
>> didn't like many operational attributes slurpd was willing to push
>> in. It also provided partial subtree replication capabilities.
>>
>> A similar patch was prepared in the meanwhile by Symas and the two
>> merged into OpenLDAP 2.1.
>>
>> p.
>>
>>
>>
>> Ing. Pierangelo Masarati
>> OpenLDAP Core Team
>>
>> SysNet s.r.l.
>> via Dossi, 8 - 27100 Pavia - ITALIA
>> http://www.sys-net.it
>> ---------------------------------------
>> Office: +39 02 23998309
>> Mobile: +39 333 4963172
>> Email: pierangelo.masarati at sys-net.it
>> ---------------------------------------
>>
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
> --------------------------------------------------------------
> Matteo Angelino
> Dipartimento di Informatica
> Via Bellini 25\G
> 15100 Alessandria
> ITALY
> Tel: +39 0131 360375
> Email: matteo.angelino at mfn.unipmn.it
> --------------------------------------------------------------
>
>
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20070910/d1afda6c/attachment.bin>
More information about the Fedora-directory-users
mailing list