Uli Tehrani wrote:
It is necessary to load the same overlay modules in a consumer
Is it also necessary to configure the overlay like in the provider
In general: No.
In detail: It depends.
There are overlays that are needed only for the provider, e.g.
Others are only needed for the consumer like the chaining overlay.
So you're already answering your own general question. ;-)
But for other overlays it is not that clear:
Dynlist needs to be configured for both servers.
But what's about dds, ppolicy and refinit?
slapo-dds writes to expiring entries and processes Refresh Operation Requests.
You don't need that on read-only consumers.
I'm pretty sure you want to enforce your password policy everywhere. So
slapo-ppolicy is needed on both.
slapo-refint potentially writes to referencing entries. Those write requests
usually get replicated. You don't need that on read-only consumers.
Opposite example: Modifications by slapo-memberOf are not replicated. So you
need that on read-only consumers.
Is there a simple best practise ?
slapo-constraint and slapo-unique are also overlays you don't need on
Another exotic example:
I'm running slapo-accesslog even on consumers because then local write
requests of slapo-ppolicy are recorded in a database then. Costs performance