That makes me wonder what his script is doing... Sounds like the script is handling some
part of the replication.
Cent6.2 has been out for quite a while, with OpenLDAP 2.4.23 binaries. Considered old and
'unsupported' by the OpenLDAP crew, but still working flawlessly in our simple
setup (used for just system auth for ssh, sudo, svn, etc.). We are using ppolicy, but
found the syncing password failures AND having a user's actual password be checked
(making the password failure sync useless) turned out to not be doable (I won't say
possible as I'm open to our configs being off, but haven't heard any
In short, I understand not wanting to compile and support your own binaries, but Cent6.2
is a pretty easy upgrade (opt for sssd vs pam_ldap).
Systems Administrator, Technology Services Group
Apollo Group | Apollo Marketing & Product Development | Aptimus, Inc.
1501 4th Ave | Suite 2500 | Seattle, WA 98101
direct 206.839.8245 | cell 206.601.3256 | Fax 206.644.0628
----- Original Message -----
To: openldap-technical(a)openldap.org <openldap-technical(a)openldap.org>
Sent: Sat Jun 16 10:02:10 2012
Subject: Re: Monitoring 2.3.43?
On Sat, 16 Jun 2012 17:49:07 +0200, Turbo Fredriksson wrote:
After monitoring a colleagues batch modifications, I now see that
contextCSN now match:
This, BESPITE that the actual ppolicy does NOT exist on kelvin!
And even worse: Some modifications does not propagate to the slaves!
Sometimes. Running his script again, the changes seems to be there..
... but you know as soon as Oracle starts waving its wallet at a
Company it's time to run - fast.
/illumos mailing list
This message is private and confidential. If you have received it in error, please notify
the sender and remove it from your system.