The PingDirectory server provides a means to configure a hub-like, read-only server for legacy systems that require it.
The read-only PingDirectory server participates in replication but cannot respond to any update requests from an external client. You can configure the PingDirectory server by setting the writability mode to internal-only, which makes the server operate in read-only mode. The Read-only mode PingDirectory server can process update operations from internal operations but reject any write requests from external clients. Because the PingDirectory server cannot accept write requests, you can configure the server to send a referral, which redirects a client's request to a primary server. The client must perform the operation again on the server named in the referral.
For Implementers of third party extensions, many Server SDK extensions use the
InternalConnection
interface to process operations in the server,
rather than issuing LDAP requests over the network. If an extension does so in response to
an external update request, then any PingDirectory server
using that extension will effectively respond to external update requests, even though the
PingDirectory server is configured to operate in
read-only mode, as described previously. One possible workaround is to split the extension
into two extensions, one for reads and one for writes, and then to disable (or not to
deploy) the write-only extension when configuring a PingDirectory server in read-only mode.