[ale] long shot: different ldap servers for authentication and for updates

Todor Fassl fassl.tod at gmail.com
Wed Mar 21 17:51:55 EDT 2018


We are running a master OpenLDAP server with 2 slaves. All of our
workstations are configured to authenticate versus the slaves. The 
problem is that if someone wants to change their password, it wants to 
talk to the slaves. But you cannot do updates on the slave/replication 
servers. The name service ldap cache daemon (nslcd) does not appear to 
have a way to configure different servers for reads/authentication and 
updates. Any ideas on a solution for this? About the only thing I can 
think of is to have a machine set aside as a place to change your 
password. So if you want to change your password, you have to ssh to 
this special machine, which is configured to talk to the master LDAP server.
-- 
Todd

