[Freeipa-users] One-way replication
Alexander Bokovoy
abokovoy at redhat.com
Thu Aug 16 13:22:14 UTC 2012
On Thu, 16 Aug 2012, Dimitris Tsompanidis wrote:
>On 16/08/2012 14:34, Alexander Bokovoy wrote:
>>On Thu, 16 Aug 2012, Dimitris Tsompanidis wrote:
>>>Hi all,
>>>
>>>I'm looking into setting up a Samba file server with FreeIPA as
>>>the password backend. I don't need fancy stuff, just plain LDAP
>>>password authentication.
>>http://techslaves.org/2011/08/24/freeipa-and-samba-3-integration/
>>
>>
>>>(my first thought was using PAM as the LDAP frontend but
>>>apparently this does not work for Samba...)
>>>
>>>All the tutorials I've looked into mention the need to update the
>>>LDAP schema in FreeIPA as a part of the procedure. I'm not really
>>>keen on doing this, at least not in my production FreeIPA
>>>cluster, so I thought of setting up a test FreeIPA installation
>>>that would only replicate data from the FreeIPA "master" but not
>>>the either way around.
>>>
>>>My problem is that I can't find any way of doing this except by
>>>creating the replica and then deleting the test replica from the
>>>FreeIPA topology - basically creating a non-updating stand-alone
>>>copy of my production servers.
>>>
>>>Is there a way to force a one-way replication?
>>>
>>>(I'd also be grateful for any mentions of less painful ways of
>>>connecting samba to freeipa :))
>>For IPA v2.x the link above explains fairly easy setup.
>>
>I am already aware of this guide - that's me in the second comment
>asking more or less the same thing :)
:)
Since that guide involves patching the code, the changed packages will
need to get to other replicas as well.
However, as configuration changes are added to the tree that is replicated
by default, I think everything what's affected will be replicated.
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list