[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DSLDAPv3PlugInConfig.plist is not updating

Subject: Re: DSLDAPv3PlugInConfig.plist is not updating
From: "Chris McFarling" <email@hidden>
Date: Thu, 29 May 2008 12:18:25 -0400
Delivered-to: email@hidden
Delivered-to: email@hidden

Utilising statically configured binding with an "Open Directory" template in Directory Access populates the full preference file including the references to read-only and writable replicas.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>LDAP PlugIn Version</key>
<string>DSLDAPv3PlugIn Version 1.5</string>
</dict>
</plist>

The above is an expected behaviour with DHCP deployment of the preferences - so that your computers can roam to other locations and receive their configurations dynamically without any pre-existing configurations clouding the way they behave.

A suggestion to facilitate failover could be to use a DNS hostname A records for each of your OD servers (replica and master). Then send that hostname to your DHCP-configured clients. For example:

Instead of using: server01.mydomain.com

Use:

ldap.mydomain.com

Which resolves to server01.mydomain.com as well as replica01.mydomain.com.

Because the Password server is multi-master, and the Kerberos KDC password changes are performed only through the OD Master's Kerberos KDC, you should still be able to change passwords etc as you used to (as long as the OD Master is running!)

Hmmmm, that's not making sense to me. You're saying that with DHCP supplied prefs, the computer should be able to go to any network and pickup the prefs dynamically, which is logical. If a computer moves from NetworkA to NetworkB then the prefs for NetworkA must be forgotten when it links up to NetworkB. Why would the computer not just download a new list of replicas each time it found itself on a new network and overwrite the old list? It would seem to me that just because it's using DHCP, that would not be reason enough to not have the list of replicas downloaded and written to the DSLDAPv3PluginConfig file. After all I'd suspect that the vast majority of client computers use DHCP to obtain their LDAP config data and the majority of those computers are fixed on a single network. If that were truly te case then most OS X clients would never get correct replica infomation. Can you point me to any documentation that backs up that claim?

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden

This email sent to email@hidden

Follow-Ups:
- Re: DSLDAPv3PlugInConfig.plist is not updating
  - From: David Colville <email@hidden>

References:
	>DSLDAPv3PlugInConfig.plist is not updating (From: "Chris McFarling" <email@hidden>)
	>Re: DSLDAPv3PlugInConfig.plist is not updating (From: David Colville <email@hidden>)

Prev by Date: Re: Untrusted apps are not allowed to connect to or launch Window Server before login.
Next by Date: Re: WGM search for AD Users/Groups & 1000 record limit
Previous by thread: Re: DSLDAPv3PlugInConfig.plist is not updating
Next by thread: Re: DSLDAPv3PlugInConfig.plist is not updating
Index(es):
- Date
- Thread

Home