[Samba] smb bdc ldap strict read only ?

Craig White craigwhite at azapple.com
Sat Mar 13 16:35:46 GMT 2004

On Sat, 2004-03-13 at 07:33, RRuegner wrote:
> Hi Sambatistas,
> if have setup a ldap pdc which works realy nice.
> Connected over vpn i wanna setup a bdc with an ldap slave as recommended 
> in the docs.
> My question is should this ldap slave strict read only ?.
> I thought about passwords , as i enabled the ldap password sync.
> If the con is interrupted and there is only the slave what happens if a 
> user wants to change his password?
> Should i strictly forbid such actions to the slave from the bdc, so that 
> it is read only or is ther a way to configure ldap slave in setup
> to synchronize the written changes to his master after the connect to 
> the master is up again.
> I know this is more related to ldap question but any recommends are welcome
> Best Regards
I have always assumed that the updateref command in the slave pretty
much means that write operations are chased to the master and that
failing to locate the ldap master (i.e. connection is down) will mean
that write operations will fail.

There is no way that I know of (and I am no expert in LDAP) to
successfully permit write operations to a slave that are cached and sent
to the master without leaving the LDAP realm.


More information about the samba mailing list