Did anyone have any thoughts on this? If not, I think I'll just enable
it and start testing.... :)
Tim Hartmann wrote:
So After my trials and tribulations with " Referrals for Update
Operations" (thanks again, you guys rock!) hence known as "Tim's
continuing LDAP Saga and Viking Cha-Cha"
I came across "Referential Integrity" in the docs, and boy howdy does it
I had a couple of concerns, before I enabled it that I was hoping people
could chime in on!
1) I'd like to have Referential Integrity monitor the memberUid field as
well, but I was unclear in the documentation if when scanning the
directory if it scans ALL the directories hosted by a given server, or
just searches in the directory where the user was deleted?
for example, I have two root suffixes, both of which contain users and
groups , and more often then we'd like user "foo" exists in both...
if I delete user uid=foo,ou=People,dc=dept,dc=example,dc=edu
would the Referential Integrity plug in know to leave any instance of
"uid=foo" and "memberUid=foo" in the dc=example,dc=edu branch alone?
2) I have 2 Masters (set up to be Multi Masters) and 4 Replica's, There
are a number of warnings about setting this up only on 1 of the Masters
(which shouldn't be a problem), in the case that M1 is configured with
the Referential Integrity plug in, and it goes down for some amount of
time, and a user is deleted, will the plugin "Catch up" once M1 has been
brought back online?
Thanks for the input!