[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5746) Guide updates

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5746) Guide updates
From: hyc@symas.com
Date: Fri, 17 Oct 2008 18:52:36 GMT

quanah@zimbra.com wrote:
> Full_Name: Quanah Gibson-Mount
> Version: 2.4.12
> OS: NA
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (75.111.29.239)
>
>
> In looking at the admin guide sections on replication, I notice the following:
>
> (a) The syncrepl configuration suggests using the rootdn on the consumer, which
> we advise people *not* to do.
>
> http://www.openldap.org/doc/admin24/replication.html#Syncrepl
>
> "The consumer uses the rootdn to write to its database so it always has full
> permissions to write all content."

The Admin Guide is correct here. We have never advised people against this.

> (b) It makes no mention of using the "limits" option in slapd.conf to bypass
> sizelimit/timelimit restrictions on a non-rootdn user

You're confused. The above text refers to the rootdn on the consumer, not the 
identity the consumer uses to talk to the provider.

Note that the example at the top of the page shows the appropriate limit 
directives.

I think the organization of this chapter is wrong, it should not start with 
section 17.1 describing how to use syncrepl to replace slurpd before it 
describes syncrepl (section 17.2).

-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

Prev by Date: (ITS#5748) tavl_find3(root=NULL,,,) - and pcache? - undefined values
Next by Date: Re: (ITS#5746) Guide updates
Index(es):
- Chronological
- Thread