[389-users] "onewaysync" attr.
Juan Carlos Camargo Carrillo
juancar at eprinsa.es
Fri Jan 28 12:43:08 UTC 2011
Hi everyone,
I'm working with the new attribute "onewaysync" to manage replication
between our AD domain and 389ds. To start with I've created a windows
repl. agreement, then set that attribute the value "fromWindows" .So far
it seems to work. My question is, which method you find better, in order
to protect the Active Directory objects from potential modifications
made by 389?
a) Use a proxy user for the repl. agreement with tailored permissions?
If so, which permissions are you using?
b) Leave it as such, without the "onewaysync" attr. Besides, it is a
consumer replica, so by design it wasnt meant to send updates.
Which other choices you have in mind or have already implemented? And
finally, is there a way to select a subset of windows attributes to be
sync'd to 389?
Regards!!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20110128/a7dc4f0e/attachment.html>
More information about the 389-users
mailing list