[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: syncrepl binding DN privileges?

To: David Markey <admin@dmarkey.com>
Subject: Re: syncrepl binding DN privileges?
From: Pierangelo Masarati <ando@sys-net.it>
Date: Tue, 11 Nov 2008 17:03:30 +0100
Cc: openldap-software@openldap.org
In-reply-to: <6894a6470811110730v85c2953wefa0bf4a429a9cc7@mail.gmail.com>
References: <6894a6470811110730v85c2953wefa0bf4a429a9cc7@mail.gmail.com>
User-agent: Thunderbird 2.0.0.17 (X11/20081001)

David Markey wrote:

If im doing multi master replication, what privileges does the bind DN
need? i know its bad practice to use the manager DN, does the binding
user need write access to anything on the remote ldap tree or just
full read access?


- auth privilege (of course);
- read access to what needs to be replicated (might be less than full)
- appropriate size/time limit (e.g. unlimited; see "limits")

p.


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it
-----------------------------------

References:
- syncrepl binding DN privileges?
  - From: "David Markey" <admin@dmarkey.com>

Prev by Date: syncrepl binding DN privileges?
Next by Date: bdb_search: 112 does not match filter
Index(es):
- Chronological
- Thread