[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: syncrepl only works as rootdn



On Friday 02 February 2007 05:04, Christopher Cowart wrote:
> Hello,
>
> I have 3 installations of openldap-server-2.3.33 running on FreeBSD
> 6.1-REL: ldap-master, ldap1, ldap2. I am using syncrepl to replicate
> ldap-master to ldap1 and ldap2. The replicated directory is missing
> entire ou branches in my tree.
>
> I have created the following objects in my directory:
> cn=syncrepl-ldap1,dc=example,dc=com
> cn=syncrepl-ldap2,dc=example,dc=com
>
> I've made the following configurations on the provider:
> | access to *
> |     by dn.regex="cn=syncrepl-(ldap1|ldap2),dc=example,dc=com" read
> |     by * break


Just a suggestion, use a group in your ACL and your limits statement, since 
this will allow you to add/remove consumers without restarting the provider 
(of course, using back-config would allow this and more, but using a group 
means that you don't need to touch the provider config in any way). All that 
is necessary to add a consumer is to add them as a member to the 
groupOfNames.

Regards,
Buchan

-- 
Buchan Milne
ISP Systems Specialist - Monitoring/Authentication Team Leader
B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)

Attachment: pgpzZSe8pnIEV.pgp
Description: PGP signature