LDAP Master/Slave usercorner

[smutje]

I have (re-) installed twice in the meantime and need some clarification:

Scenario
A LDAP-Master server (& DNS, no more services like mail or samba)
A slave as file server
A slave as mail (zarafa) server

Replication works, so far so good.
Accessing the usercorner on the master, i could change my passwort as expected. Nothing else.
Accessing the usercorner an my mail server (slave), i get the message "incorrect password". Might be ok(?), but how a user could configure the external mail retrieval then?

Thank you for help.

[smutje]

Does nobody has an answer?

Is the scenario so unusual?

I spent a lot of time in testing up to now. I just want to know how should it working in general before I waste more time for diagnostics.

Best regards

Smutje

[grolon]

i'm trying to do something similar to your scenario.

I was planning to have two zentyal servers. 1 master a 1 slave, sync users, etc,
I have read in Zentyal DOC (spanish) that zentyal master server can be ONLY used to LDAP and DNS service, cant be used to samba shares.

My plans are, have 2 server, users & groups sunc'ed, samba shares on both of them,

This can't be done, ehh

Somebody pls help
G.

[Javier Amor Garcia]

Sorry this a bug. The user corner should not be enabled in the slave, only in the master.
In the next version the user corner couldn't be enabled on slave servers.

[christian]

Does it mean that instead of fixing the "replication" concept and implementing referral, decision is to add control preventing to define - by mistake - configuration that will not work?

Well, as a temporary workaround, it makes sense but is it also team's long term strategy?

[Javier Amor Garcia]

Well in reality it was never meant to run usercorner in an slave server. (try to click in the usercorner item in the left menu in the slave and you will see a message about that).

The error was that we allowed it to enable in the slave and this is fixed now.

Maybe in the future we could add the feature of usercorner in slave mode.

[christian]

I understand.

What I meant with my comment is that with what I would name a "true master/slave" design, ALL ldap servers should support same services, content being the same on all occurrences. Then when it comes to write, as multi-master mode is not enabled, slave ldap server should send back referral so that write operation is done on the ldap master server.

Having said that, it's pretty obvious that such approach needs some specific attention for ldap servers that are at the border between internal and external networks and this quickly results in "ldap proxy" mechanisms.

But even before reaching such debate, I really don't understand why all LDAP servers do not share similar design (schema) and content being result of true replication. Anyway...