Going back to the original question...
On Tue, Mar 30, 2010 at 11:36:09AM -0500, Joe Friedeggs wrote:
Location A & B are two different customers, therefore it would not be prudent to replicate Location B's users in Locations A. But I need the Support group to exist in all locations.
That is a critical part of the requirement, so you cannot depend on the config of the customer-site machines to protect other customers' data.
Can this be done using syncrepl?
Another thought is to have LDAP Masters existing in each location, and somehow replicate the Support branch to each (mirrormode?). Should this be the approach?
That could be a very good approach, especially if the changes to the data are mostly done from the customer sites (i.e. site A data is mostly updated by people located at site A).
You would probably want to have a separate database for each suffix (support, site A, site B etc) and then use the relay backend to glue it all together so that searches could cover both the site data and the support data from one suffix.
It would not be necessary to use mirrormode, and as you said that connectivity is flaky I would certainly advise against it. One-way replication should be enough, and will certainly be safe.
Andrew