[prev in list] [next in list] [prev in thread] [next in thread]
List: fedora-directory-users
Subject: Re: [389-users] Sanity check for install approach
From: Jonathan Boulle <Jonathan.Boulle () betfair ! com>
Date: 2010-07-29 13:53:31
Message-ID: 067C91E55BB3434E961D289DC5B8457365CD1310 () HAMMBX02 ! uk ! betfair ! local
[Download RAW message or body]
On closer examination of the doc, it appears that chaining updates is only possible \
when using database links. However, as I infer, using database links removes the \
possibility of replication, because the link would pass any modification back to the \
remote database. Thus, if you had a consumer configured with a database link back to \
a supplier, and then set up a replication agreement from the supplier to the \
consumer, it would be replicating to its own database! Am I understanding this \
correctly?
Is there a way to achieve our desired scenario: where no clients can directly access \
a read-write supplier (i.e. referrals are disabled, because network access is \
blocked); but they're still able to change their passwords, because the read-only \
consumer chains the update request back to a supplier?
Cheers
-----Original Message-----
From: 389-users-bounces@lists.fedoraproject.org \
[mailto:389-users-bounces@lists.fedoraproject.org] On Behalf Of \
Gerrard Geldenhuis
Sent: 29 July 2010 13:04
To: 389-users@lists.fedoraproject.org
Subject: [389-users] Sanity check for install approach
Hi
I would appreciate anyone just giving the tasks below a sanity check.
We will have a multimaster setup with various consumers from which clients will be \
authenticating off. Clients can not reach the masters directly and can only reach the \
consumer servers.
To enable password policies to work correctly I will configure the consumer servers \
to chain requests back to the masters and enable chaining for the Password policy \
component. My understanding is thus that when a client tries to authenticate against \
the consumer server and fails, the password policy configured on the consumer will \
activate and the counter incremented for failed logins. This incremented counter \
change will then be chained back to the master which will replicate it back to the \
consumer and any other consumers.
To rephrase the above... in a user story.
User authenticates against consumer01
Authentication fails
Consumer01 has password policy configured and replication from master01.
What happens next?
Does the consumer automatically communicate this failure back to master01, or do you \
need to setup chaining for this to happen?
Regards
________________________________________________________________________
In order to protect our email recipients, Betfair Group use SkyScan from MessageLabs \
to scan all Incoming and Outgoing mail for viruses.
________________________________________________________________________
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
________________________________________________________________________
In order to protect our email recipients, Betfair Group use SkyScan from
MessageLabs to scan all Incoming and Outgoing mail for viruses.
________________________________________________________________________
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic