Re: Referential Integrity

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 03/16/2015 06:50 PM, William wrote:

nsslapd-pluginAllowReplUpdates

It looks like there is no documentation about how this config value
works though: and the values it influences aren't widely through the
code so I can't confirm if it's a finished feature.

It is finished, and I will write a design document for it on the wiki
(port389.org).

Thanks for that. I'd like to look at this document once you are done.



Can someone confirm if how I'm interpreting this is correct, and if we
should open a documentation bug to get this documented?

So, by setting this to "on", it allows delete operations that come from
replication to be processed by the RI plugin.  Usually the RI plugin
ignores replicated delete operations because it is assumed the supplier
replica has the RI plugin enabled, and it has already performed the
group cleanup(and those changes are replicated).  So there is no need to
do it twice.  However, there are some scenarios where the supplier might
NOT have enabled the RI plugin.  In this case we do want the local RI
plugin to process the replicated delete operation, and this is where
this setting would come into play.

So in the case of having RI on two ldap servers, you would set this to
off, since the server that handled the delete will replicate the other
updates soon after. In the case of RI on a single server, when the
non-RI server issues a delete, the RI enabled server would be triggered
to run the RI checks. Is that correct?
Correct, but the RI enabled server needs to have nsslapd-pluginAllowReplUpdates set to "on" if there are any other master/supplier replication servers that do not have RI plugin enabled. 



Given that you seem to be quite familiar with the refint code, can you
comment on the ability to run two masters with both having the plugin
enabled?
This is the preferred way, and requires no "special" configuration steps. Ideally all the servers in a replicated deployment should have the same plugin configurations. It's when server configurations are not the same that you can run into issues(e.g. needing to set nsslapd-pluginAllowReplUpdates to "on", etc). 



--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux