[Fedora-directory-users] 2 user passwords ? / updates on consumer without referral

[ivan mitev]

hello list !

i'm doing some tests to replace our openldap based ldap infrastructure
with fds; i'm really happy with fds compared to openldap, but i'm running
into a little problem...

what i'm trying to achieve: we have 2 different user passwords: one for our
lan, the other for the dmz (imap, jabber, ...) ; the ldap supplier is in the
lan, and there's a consumer in the dmz;
the lan password should be used for user/services binding to the lan server,
while the dmz password should be used for user/services binding to the dmz
server

is there a simple way to do that with fds (eg. a plugin where one can choose
which attribute fds uses for binds) ?

with openldap, on the supplier, the lan password was stored in userPassword,
and the dmz password was stored in obsDmzPassword (from our custom schema) ;
the userPassword attribute was excluded from the lan->dmz replication, and
we had a script that would connect to the dmz as the directory manager (->
so no referral with this user) and which would copy the content of
obsDmzPassword to userPassword

that's ugly, but it worked fine

now, with fds, i managed to do the same thing, when selecting "use the
databases"  under "suffix request processing" on the consumer ; however,
this setting goes back to "return referrals for update operations" after
each full consumer initialization ; is there a way to prevent that from
happening ?


thanks !

ivan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20070306/b136c915/attachment.htm>