slurpd not replicating to slave at root
- To: openLDAP software <openldap-software@OpenLDAP.org>
- Subject: slurpd not replicating to slave at root
- From: Steven Wong <slqwong@yahoo.com>
- Date: Wed, 16 Aug 2006 10:18:58 -0700 (PDT)
I was wondering if this is correct or if I have my access or config wrong.
It seems that only "cn=manager,dc=pro-unlimited,dc=com", which is the rootdn, can create a new child at the root level (i.e. ou=netgroup,dc=pro-unlimited,dc=com),
and my replica uses binddn="uid=replicator,ou=ldapbods,ou=people,dc=pro-unlimited,dc=com".
[root@snort01 openldap]# ldapadd -x -D "uid=sysadmin,ou=ldapbods,ou=people,dc=pro-unlimited,dc=com" -w <passwd> -a -f /tmp/netg
adding new entry "ou=netgroup,dc=pro-unlimited,dc=com"
ldap_add: Insufficient access
additional info: no write access to parent
ldif_record() = 50
[root@snort01 openldap]# ldapadd -x -D "uid=replicator,ou=ldapbods,ou=people,dc=pro-unlimited,dc=com" -w <passwd> -a -f /tmp/netg
adding new entry "ou=netgroup,dc=pro-unlimited,dc=com"
ldap_add: Insufficient access
additional info: no write access to parent
ldif_record() = 50
If I use uid=replicator/sysadmin to add things under ou=hosts/people, I am able to add them fine.
Does that mean my only choice to get around this, so that sync can happen even at the top level, is to use the rootdn as the binddn?
If any more info is needed, please let me know.
Thanks,
Steven
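
Added example, not part of the original post and not the poster's configuration: a slave-side slapd.conf fragment that gives the replication DN only the write access an add under the suffix needs, so the rootdn does not have to be used as the binddn. It assumes OpenLDAP 2.3-style slapd.conf syntax; the master hostname is a placeholder, and the poster's existing access rules (not shown in the post) are assumed to follow these clauses.

```conf
# Slave slapd.conf, inside the database section for dc=pro-unlimited,dc=com.
# Added example. DNs are the ones quoted in the post; the hostname is a placeholder.

# DN that slurpd binds as. It must equal binddn= in the master's replica directive.
updatedn   "uid=replicator,ou=ldapbods,ou=people,dc=pro-unlimited,dc=com"
updateref  ldap://master.example.invalid

# access clauses are evaluated in order and the first matching <what> wins,
# so these two must come before the existing rules.

# Adding ou=netgroup,dc=pro-unlimited,dc=com requires write on the "children"
# pseudo-attribute of its parent, the suffix entry. Its absence is what
# "no write access to parent" reports.
access to dn.base="dc=pro-unlimited,dc=com" attrs=children
    by dn.exact="uid=replicator,ou=ldapbods,ou=people,dc=pro-unlimited,dc=com" write
    by * break

# The add also requires write on the new entry itself (the "entry"
# pseudo-attribute and its attributes). dn.children covers everything below
# the suffix but not the suffix entry's own attributes.
access to dn.children="dc=pro-unlimited,dc=com"
    by dn.exact="uid=replicator,ou=ldapbods,ou=people,dc=pro-unlimited,dc=com" write
    by * break

# "by * break" lets every other identity fall through to the existing
# access rules, which follow here unchanged.
```

Unlike the rootdn, which bypasses access control entirely, the replication DN stays subject to these clauses and to whatever rules follow them.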