[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] long shot: different ldap servers for authentication and for updates

Subject: [ale] long shot: different ldap servers for authentication and for updates
From: fassl.tod at gmail.com (Todor Fassl)
Date: Wed, 21 Mar 2018 16:51:55 -0500

We are running a master openldap server with 2 slaves. All of our 
workstations are configured to authenticate versus the slaves. The 
problem is that if someone wants to change their password, it wants to 
talk to the slaves. But you cannot do updates on the slave/replication 
servers. The name service ldap cache daemon (nslcd) does not appear to 
have a way to configure different servers for reads/authentication and 
updates. Any ideas on a solution for this? About the only thing I can 
think of is to have a machine set aside as a place to change your 
password. So if you want to change your password, you have to ssh to 
this special machine which is configured to talk to the master ldap server.
-- 
Todd

Follow-Ups:
- [ale] long shot: different ldap servers for authentication and for updates
  - From: jim.kinney at gmail.com (Jim Kinney)

Prev by Date: [ale] Meet the Raspberry Pi 3 Model B+
Next by Date: [ale] long shot: different ldap servers for authentication and for updates
Previous by thread: [ale] Please come: SB 315 Red Card Day at the Legislative Committee Meeting Thur. Mar. 22
Next by thread: [ale] long shot: different ldap servers for authentication and for updates
Index(es):
- Date
- Thread