Rats. That's pretty much the conclusion I'd reached, but I'd hoped I
was wrong, based on the wiki page. Unfortunately, for account
terminations, we need more than just the ldif export/import, and
Security is kind of cranky about the lack.
Thanks for the answer. I guess I'll cross my fingers that somebody
takes it off of the wishlist soon.
-- juniper
George Holbert wrote:
Currently, OpenLDAP and 389 have totally different replication
mechanisms, so you can't really replicate between the two.
You can of course export / import filtered LDIF in either direction,
which, depending on the need, is occasionally good enough.
Anne Cross wrote:
I've been through the FDS/389 website, and the best I've come up with
is this:
http://directory.fedoraproject.org/wiki/Howto:OpenldapIntegration
Unfortunately, that gives me the sync in the wrong direction. We
have pre-existing OpenLDAP servers that belong to a different group.
We're supposed to be their ultimate source of data - once we get set
up - but they won't change their servers from OpenLDAP because, as
they say, they know how they work and why should they do more work.
I don't need data synced back from OpenLDAP, but syncrepl doesn't
appear to do the right thing when pointed at an FDS directory server,
so what's the secret, undocumented method? Even a hint would help.
Google just keeps turning up pages where people have named their box
"Fedora" and it's all openldap to openldap.
--
389 users mailing list
389-us...@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
,___,
{o,o} Anne "Juniper" Cross
(___) Senior Linux Systems Engineer and Extropic Crusader
-"-"-- Information Technology, ITA Software
/^^^
--
389 users mailing list
389-us...@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users