thanks a lot for your help.
Am 30.10.2014 16:07, schrieb Michael Ströder:
Uli Tehrani wrote:
> It is necessary to load the same overlay modules in a consumer configuration?
> Is it also necessary to configure the overlay like in the provider
> configuration ?
In general: No.
In detail: It depends.
> There are overlays that are needed only for the provider, e.g. syncprov.
> Others are only needed for the consumer like the chaining overlay.
So you're already answering your own general question. ;-)
> But for other overlays it is not that clear:
> Dynlist needs to be configured for both servers.
> But what's about dds, ppolicy and refinit?
slapo-dds writes to expiring entries and processes Refresh Operation Requests.
You don't need that on read-only consumers.
I'm pretty sure you want to enforce your password policy everywhere. So
slapo-ppolicy is needed on both.
slapo-refint potentially writes to referencing entries. Those write requests
usually get replicated. You don't need that on read-only consumers.
Opposite example: Modifications by slapo-memberOf are not replicated. So you
need that on read-only consumers.
> Is there a simple best practise ?
slapo-constraint and slapo-unique are also overlays you don't need on
Another exotic example:
I'm running slapo-accesslog even on consumers because then local write
requests of slapo-ppolicy are recorded in a database then. Costs performance
Am Ulrichshof 19
79189 Bad Krozingen