Hello Quanah,
Thanks for clarification.
That confuses me a little bit. All replication on openLDAP are based on syncreplication (slurpd is vanished a long time ago) So what kind of replication means the manual page (-> "Replica servers")?
It means that you run it in a replicated environment at your own risk. Unfortunately, there is no defined standard for the "memberOf" functionality (it's a MS hack) and so there's nothing that details how it should or shouldn't behave with replication. In general, things work fine as long as:
a) The server(s) never go into REFRESH and b) You never bring up a new replica with an empty database (which then does a full REFRESH)
That means, if I run in mirrormode, I can turn on the memberOf overlay on the active openLDAP server and off on the slave. Then REFESH ist supported?! In emegency case (hardware error) I can make the mirror (manual) aktive an turn the overlay on?!
Thanks Meike
--On Monday, October 01, 2018 11:38 AM +0200 Meike Stone meike.stone@googlemail.com wrote:
That means, if I run in mirrormode, I can turn on the memberOf overlay on the active openLDAP server and off on the slave. Then REFESH ist supported?!
Nope, since you need slapo-memberOf to be present on each node.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
openldap-technical@openldap.org
-
Meike Stone -
Quanah Gibson-Mount