[Fedora-directory-users] Referential Integrity
Tim Hartmann
hartmann at fas.harvard.edu
Fri Jan 30 15:41:55 UTC 2009
So After my trials and tribulations with " Referrals for Update
Operations" (thanks again, you guys rock!) hence known as "Tim's
continuing LDAP Saga and Viking Cha-Cha"
I came across "Referential Integrity" in the docs, and boy howdy does it
look useful!
http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Creating_Directory_Entries-Maintaining_Referential_Integrity.html
I had a couple of concerns, before I enabled it that I was hoping people
could chime in on!
1) I'd like to have Referential Integrity monitor the memberUid field as
well, but I was unclear in the documentation if when scanning the
directory if it scans ALL the directories hosted by a given server, or
just searches in the directory where the user was deleted?
for example, I have two root suffixes, both of which contain users and
groups , and more often then we'd like user "foo" exists in both...
dc=example,dc=edu
dc=dept,dc=example,dc=edu
if I delete user uid=foo,ou=People,dc=dept,dc=example,dc=edu
would the Referential Integrity plug in know to leave any instance of
"uid=foo" and "memberUid=foo" in the dc=example,dc=edu branch alone?
2) I have 2 Masters (set up to be Multi Masters) and 4 Replica's, There
are a number of warnings about setting this up only on 1 of the Masters
(which shouldn't be a problem), in the case that M1 is configured with
the Referential Integrity plug in, and it goes down for some amount of
time, and a user is deleted, will the plugin "Catch up" once M1 has been
brought back online?
Thanks for the input!
Tim
More information about the 389-users
mailing list