--On Sunday, March 7, 2021 11:36 PM +0100 "A. Schulze" sca@andreasschulze.de wrote:
Am 02.03.21 um 13:19 schrieb A. Schulze:
I'm running a LDAP provider and multiple LDAP consumer and like to ask for your opinions to such a setup: While writing data to the LDAP provider, schema-checking is enforced. Currently also the LDAP consumer enforce schema checking.
Q: does it make sense to enforce schema checking on a LDAP consumer, too?
would be helpful if you could share experience/suggestion/opinion
Yes, it makes sense, particularly when using cn=config. I.e., if the master has had a schema update prior to the consumer being modified similarly, it prevents changes with unknown schema elements from being replicated.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com