edhat.com] On Behalf
>> Of Andrey Ivanov
>> Sent: Tuesday, August 04, 2009 3:43 PM
>> To: General discussion list for the 389 Directory server project.
>> Subject: Re: [389-users] OpenLDAP as a slave of Fedora
>> Directory Server?
>>
>> Hi,
>>
>> Y
dora-directory-users-boun...@redhat.com] On Behalf
> Of Andrey Ivanov
> Sent: Tuesday, August 04, 2009 3:43 PM
> To: General discussion list for the 389 Directory server project.
> Subject: Re: [389-users] OpenLDAP as a slave of Fedora
> Directory Server?
>
> Hi,
>
> Yo
Hi,
You can also use the LDAP persistent search control an then convert
the 389 attributes to openLDAP ones and send them immediately in real
time, and then, once a day, just to be sure that everything is ok you
can push the whole LDIF dump. Here is an example of a simple
persistent search script
Rats. That's pretty much the conclusion I'd reached, but I'd hoped I
was wrong, based on the wiki page. Unfortunately, for account
terminations, we need more than just the ldif export/import, and
Security is kind of cranky about the lack.
Thanks for the answer. I guess I'll cross my fingers
Currently, OpenLDAP and 389 have totally different replication
mechanisms, so you can't really replicate between the two.
You can of course export / import filtered LDIF in either direction,
which, depending on the need, is occasionally good enough.
Anne Cross wrote:
I've been through the FDS/3
I've been through the FDS/389 website, and the best I've come up with is
this: http://directory.fedoraproject.org/wiki/Howto:OpenldapIntegration
Unfortunately, that gives me the sync in the wrong direction. We have
pre-existing OpenLDAP servers that belong to a different group. We're
suppose
