----- "John Allgood" jallgood@ohl.com wrote:

Hello Again

Hi,

Maybe by the end of this project I will be somewhat of an ldap expert until them please bear with me.

It will take many years to get there (I'm no where near), trust me ;-)

I think I have gotten a little more understanding to how this will work. I have a provider and a consumer up and running and I am pointing each application and or server to both the provider and the consumer. Also there is something called referrals that are talked about for the consumer. Is this something I will need to use.

If you understand referrals you will be able to answer this yourself. Anyway, referrals "refer" a client to the Provider if it is trying to write a consumer that doesn't accept writes, think of it as "Go speak to the boss".

We started building the ldap server about a month ago. We have not really had the time to do proper research due to time constraints.

This can be a big problem.

We just used the rpms that Redhat provided with RHEL5 which is openldap 2.3. The rpms built from Redhat did not have the ppolicy overlay built in. I found the overlays on the Beta channels from Redhat Network and used those to get the ppolicy. I wish Redhat would stay a little more up2date. Anyways if there is anymore advise that can be provided I would appreciate it. Oh one more thing. When I was setting up syncprov for the first time I missed the part about loading the module in the slapd.conf. I did enter the overlay syncprov to my config and it appears to work. Can syncprov be built into openldap and not loaded as an module. Just wanted some verification on this issue.

Build it how you like, it's best to build from source to start with to get a feel for everything. Then depending on how you company works you can move to a commercially supported version. I would never recommend the RHEL version, but please visit the list archives for why.

Thanks.