This topic has 2 replies, 2 voices, and was last updated 6 years, 3 months ago by seyed.

  • Author
    Posts
  • #11534
     seyed
    Participant

    Hi,

    Imagine I have two DJs one in Canada and one in US. I want to setup fractional replication between these two DJs to avoid storing some attributes from the Canadian DJ to the US DJ and also avoid storing some attributes from the US DJ to the Canadian DJ. Apparently, the US data still crosses the border, though the Canadian replication server rejects the forbidden attributes. The same happens for the other direction of the data flow. Is there anyway that we could filter out the forbidden attributes in the same country where the data belongs to? For example, configuring the US replication server to only sends the allowed attributes to the Canadian replication server?

    Thanks,

    #11537
     Ludo
    Moderator

    All replication servers are fully connected and have all changes. There is no way to change this. This was done to ensure high availability including in case of disaster where all replication servers in a datacenter would disappear.

    #11538
     seyed
    Participant

    Thanks Ludo. So I suppose there is no way to configure replication across borders but at the same time maintain sensitive info inside borders. I think that is because fractional replication is enforced, in replication servers, only on incoming traffic. It cannot filter the outgoing updates from a directory server.

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?