i'm doing some tests to replace our openldap based ldap infrastructure
with fds; i'm really happy with fds compared to openldap, but i'm running into a little problem...
what i'm trying to achieve: we have 2 different user passwords: one for our lan, the other for the dmz (imap, jabber, ...) ; the ldap supplier is in the lan, and there's a consumer in the dmz;
the lan password should be used for user/services binding to the lan server, while the dmz password should be used for user/services binding to the dmz server
is there a simple way to do that with fds (eg. a plugin where one can choose which attribute fds uses for binds) ?
with openldap, on the supplier, the lan password was stored in userPassword, and the dmz password was stored in obsDmzPassword (from our custom schema) ; the userPassword attribute was excluded from the lan->dmz replication, and we had a script that would connect to the dmz as the directory manager (-> so no referral with this user) and which would copy the content of obsDmzPassword to userPassword
that's ugly, but it worked fine
now, with fds, i managed to do the same thing, when selecting "use the databases" under "suffix request processing" on the consumer ; however, this setting goes back to "return referrals for update operations" after each full consumer initialization ; is there a way to prevent that from happening ?
thanks !
ivan
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
