Re: [olav bkor dhs org: SVN.gnome.org downtime! Sun 8 Jun 7:00 - 10:00 UTC]



On Mon, Jun 02, 2008 at 12:48:15AM +0200, Olav Vitters wrote:
> FYI.
> 
> I'm going to set up a backup on container. If anything goes wrong, it'll
> just be a DNS change.

BTW: The LTS will have openldap 2.4. There is a mention that the current
LDAP replication method will not work in 2.4. However, the config option
is still in the slapd.conf manpage. Not sure if the upgrade will break
replication. If so, the replication has to be redone. I want to do that
in the near future anyway.

Basically: Currently the master server pushes changes to the slaves.
This is deprecated. In 2.3+, the slave will connect, compare everything
(slow initially) and retrieve all new objects (could be slow).
Optionally it can stay connected and wait for changes (this is of course
what we want). Every change in an object will result in the transfer of
the whole object(!). Doesn't matter too much as a userid doesn't have
more than ~1KB of data.
There is something to limit the transfer to just the changed attributes,
but I don't think it is critical to set that up.

Benefits:
 * the new method allows you to start with a blank LDAP database. The
   slave will transfer everything that is missing (slower than slapcat,
   but *much* easier)
 * the slave connects to the master as a normal user. Allows setting
   security options (not transferring certain attributes). Will result
   in higher security as e.g. userPassword is only known on Red Hat
   servers, not on others (other servers don't need it anyway).

-- 
Regards,
Olav
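
Added example, not part of the original message: a slapd.conf sketch of the pull-based replication described above, where the slave binds as a normal user that the master's ACLs deny access to userPassword. The suffix dc=example,dc=org, the cn=replicator identity, the host name ldap-master.example.org and the credential placeholder are assumptions.

```conf
# ---- Provider (master) slapd.conf, inside the database section ----
# Assumed suffix and replication identity; neither is from the original message.
index   entryCSN,entryUUID eq
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

# The replication identity must be able to read the whole tree in one search.
limits dn.exact="cn=replicator,dc=example,dc=org" size=unlimited time=unlimited

# The first matching "access to" clause wins, so the userPassword rule comes
# first and the replication identity is refused before any broader grant.
access to attrs=userPassword
    by dn.exact="cn=replicator,dc=example,dc=org" none
    by self write
    by anonymous auth
    by * none

access to *
    by dn.exact="cn=replicator,dc=example,dc=org" read
    by self write
    by users read
    by * none

# ---- Consumer (slave) slapd.conf, inside the database section ----
# refreshAndPersist: do the initial comparison, then stay connected and
# wait for changes instead of polling.
syncrepl rid=001
    provider=ldaps://ldap-master.example.org
    type=refreshAndPersist
    retry="60 10 300 +"
    searchbase="dc=example,dc=org"
    scope=sub
    bindmethod=simple
    binddn="cn=replicator,dc=example,dc=org"
    credentials=REPLACE_WITH_REPLICATION_SECRET
```

After the initial refresh, a `slapcat` on the consumer should contain no `userPassword` lines; if it does, an earlier ACL clause is granting the replication identity access before the deny is reached.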

