On Sun, 2009-01-18 at 13:40 +0100, Thorsten Scherf wrote: > On [Sat, 17.01.2009 21:37], John A. Sullivan III wrote: > >I'm in the midst of setting up a DS replica using SSL and find myself a > >bit confused on the purpose of the User DS and Configuration DS tabs in > >the Administration Server Configuration. Could someone point me to some > >documentation on them? > > > >What do they represent? I am guessing the Configuration DS is how we > >connect to the portion of the tree holding configuration > >(o=NetscapeRoot?). When the LDAP server is part of another > >administrative domain, should this point to the local LDAP server or to > >the LDAP server which manages the administrative domain? > > The Configuration DS is o=Netscaperoot and User DS is the dn of your > DIT, eg. dc=example,dc=com. Since you can setup a dedicated DS just > for your Configuration, it makes sense to have seperated > SSL-Configuration settings for accessing the Configuration and User DS. > > When you have a setup where several LDAP instances sharing the same > Configuration Directory, then you have to point the User DS to the local > running instances and for the Configuration Directory you point to the > server which holds a copy of o=NetscapeRoot. > > Happy Day. > Thorsten <snip> Thank you, Thorsten. I assume when you say "several LDAP instances" you are not referring to replicas but separate trees. Is that correct? Thus, in the case of replicas, the User DS would point to the RW Master? - John -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan at opensourcedevel.com http://www.spiritualoutreach.com Making Christianity intelligible to secular society