Richard Megginson wrote:
ILoveJython wrote:
I have read the document:
Howto:ChainOnUpdate - Fedora Directory Server
<http://directory.fedora.redhat.com/wiki/Howto:ChainOnUpdate>
and have been unable to get it to work. When I attempt a write to the
consumer it makes the change on the
consumer and does not update the master.
This is bad. If the consumer is configured to be a read only consumer
you should not be able to make a change on it. You should either get
a referral returned from the consumer to the client program which the
client program will follow to make the change on the master, or, if
chain on update is working, you will see the operation on the consumer
and the same corresponding operation sent to the master.
With the next change on the master of any kind,
the mapping tree entry for this suffix changes from "nsslapd-state:
backend" to "nsslapd-state: referral on update".
Once this state changes, my client complains that it cannot update,
since it cannot follow referrals.
Ulf, you've been able to get this running, right?
Yes, I was testing this a few weeks ago with the 7.1 release on HP-UX.
It was configured with the instructions in the wiki document with a
minor change to a malformed ACI (but that shouldn't cause this problem):
http://directory.fedora.redhat.com/wiki?title=Howto%3AChainOnUpdate&diff=0&oldid=2794
There was also a minor issue with a spurious warning being logged. It
doesn't cause any harm, just an inconvenience:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=176293
Danney, can you paste us these entries from your consumer's dse.ldif?
dn: cn="{your replicated suffix}", cn=mapping tree, cn=config
dn: cn=replica, cn="{your replicated suffix}", cn=mapping tree, cn=config
dn: cn=config, cn=chaining database, cn=plugins, cn=config
dn: cn={name of your chaining backend}, cn=chaining database,
cn=plugins, cn=config
In the fourth one you can blank out the "nsmultiplexorcredentials" value
before you send it.
In addition, there are no log entries on the master to indicate any
activity back from the consumer to the master, i.e.
a proxy login.
------------------------------------------------------------------------
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
------------------------------------------------------------------------
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
