On Wednesday 01 August 2007 23:53:22 hadmut@danisch.de wrote:
Full_Name: Hadmut Danisch Version: 2.3.35 OS: linux URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (85.180.64.215)
This is an enhancement request:
When having a distributed LDAP structure with a master and several SyncRepl clients, the clients can do the SyncRepl only on fixed refresh intervals (e.g. type=refreshOnly, interval=00:00:20:00)
However, there are many situations where this is inappropriate, e.g. on dial-on connections, roaming notebooks, and things like that.
Therefore, slapd should have a client mode where the SyncRepl process is performed only on request, but then immediately. There should be an external trigger to pull, e.g. send a signal oder do a special LDAP request. slapd should then start a SyncRepl.
E.g. this could be put in scripts run at connect-time (pppd provides that kind of scripting), or when notebook autoconfiguration detects (e.g. with tools like guessnet) that it is connected to the home network to update it's local slapd.
While I'm not saying this feature should not be implemented, I note that there are other solutions for doing off-line authentication on (e.g.) laptops that don't expose the whole DIT (but only credentials that have already been used on the client).