Remove the [root] replica if you do not need it on S4. In doing so you
will prevent any users who authenticate from doing so directly to this
server. NDAP (though not LDAP) clients should get a referral list
including S1, S2, and S3 and then go to those machines for authentication.
You could also add S4 to the "bad address cache" of client machines.
This all assumes you are not using something like LDAP.
Good luck.
kalyan0423 wrote:
> How to enable authentication to only specific users in 4th replica
> Server?
>
> 1. Created a Master eDirectory (S1)
> 2. Created 3 replica servers (S2, S3, S4)
> 3. As per eDirectory rule, S2 and S3 replicas will have all real
> objects and S4 replica will have external reference to S1, S2, S3.
> 4. Created a partiton of Users container, it automatically replicated
> to S2 and S3.
> 5. Added the USers container as replica in S4 server. (Also replicated
> root partiton)
> 6. Now all the users are present in S4 server as real objects. So if
> S1,S2 and S3 are down still i am able to authenticate via S4 users.
> 7. Using filtered replica concept i am adding only few users as real
> objects in S4 which will be successfully authenticated when S1, S2, S3
> are down. But my problem is i dont want other users who are having
> external reference to S1, S2, S3 to authenticate against S4 because i am
> going to deploy this S4 server towards internet.
>
> If any one have solution please let me know.
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBAgAGBQJLHSTgAAoJEF+XTK08PnB5c5sP/jxPVNzqqE/no5ccXibWkjth
ZudnOZHqw9uTtkdSaueyCq3C5kKLvKTLHfx76FCGTr7pmMvvp1FHwuajFUvt0IvS
ifQveqhbpwyGDej6AicBt/4GPkufV/yXcl1j+M6zfgBDhA2503a9lV6J323cCcv8
MlxK427e3XpdaeCD7vdwFHbMYsRyGQYguUnH1tugo4jvRtL/AXH3xhsnzstj0Atk
jV6PtpOyF4gegyNGbqZR9bSE2JDNQ8c9kfkV6KT/06cWuvw3zKPyb5v6Gg+h6rG6
iJlRb/QPUp9ncTtnRKTtJza9D4bdOVvx5yh0LM2XauFtAbgZTa4UoDFUoqNhwAU9
rCHFE6pqONoo9PXjrAPxxfZKzVj5sUw3+Zv+dnA5VFvOt3yXz9zAtegZzdpkZIOe
2wXWvU1tvui+N+29cBdejUfG0ZBUjK7TFgl5yuAXeuy/YMYlOd8Oslurj2MnGuiV
v/nCXvM6PK/wUnSIsxhw/LgihXSWwTzYKlFe6g+guyXe+nB+wDBPy+jsNP0+JeJD
hCdSl1evj/fBcrHJAnzYsxn9/pIjq4ruE4HqcDWxyx/n9wZxcy/CArmzmsMA8Usx
xP8dF9CiwTk39TvUfdouHoVZ8gTX9nr5j137hEid/CeUS1pxjYzKnxHWnNRxgjDx
iJ9H3ktT0W7ymtLOcJPw
=lk37
-----END PGP SIGNATURE-----