[Fedora-directory-users] Questions about the referential integrity plug-in
Noriko Hosoi
nhosoi at redhat.com
Mon Nov 13 21:17:58 UTC 2006
This is what we recommend ...
http://www.redhat.com/docs/manuals/dir-server/ag/7.1/modify.html
How Referential Integrity Works
When the Referential Integrity Plug-in (see "Referential Integrity
Postoperation Plug-in," on page 510
<http://www.redhat.com/docs/manuals/dir-server/ag/7.1/plgintro.html#1080987>)
is enabled, it performs integrity updates on specified attributes
immediately after a delete or rename operation. By default, the
Referential Integrity Plug-in is disabled.
Note
The Referential Integrity Plug-in should only be enabled on one supplier
replica in a multi-master replication environment to avoid conflict
resolution loops. When enabling the plug-in on servers issuing chaining
requests, be sure to analyze your performance resource and time needs,
as well as your integrity needs. Integrity checks can be time-consuming
and draining on memory/CPU.
Kimmo Koivisto wrote:
>Hello
>
>I tried the referential integrity plug-in and it worked as expected with
>single master environment and groupofnames and groupofuniquenames groups.
>I read the admin guide but there were some things that I did not fully
>understand:
>
>1. How about multimaster environment, if I have servers A and B and I enable
>plug-in to server A. When change is done to the server B, server A shoud make
>deletions ar modifications to the directory.
>
>But what if the server A is down for maintenance and user is deleted from
>server B, what happends? Does the server A do anything when it is started
>after maintenance?
>
>2. How to enable referential integrity to the memberUid attribute?
>I have user cn=user,c=fi that has uid=user and that user is added to group
>example so that there is attribute memberUid=user.
>When user is deleted, uid should be removed from example group. How to achieve
>this?
>I tried to add nsslapd-pluginarg7=memberUid to the plugin but it did not work.
>
>I'm testing this with FC4 and FDS 1.0.4.
>
>Best Regards
>Kimmo Koivisto
>
>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users at redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3170 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20061113/bda9244d/attachment.bin>
More information about the 389-users
mailing list