[Date Prev][Date Next]
Re: (ITS#5746) Guide updates
> Full_Name: Quanah Gibson-Mount
> Version: 2.4.12
> OS: NA
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (220.127.116.11)
> In looking at the admin guide sections on replication, I notice the following:
> (a) The syncrepl configuration suggests using the rootdn on the consumer, which
> we advise people *not* to do.
> "The consumer uses the rootdn to write to its database so it always has full
> permissions to write all content."
The Admin Guide is correct here. We have never advised people against this.
> (b) It makes no mention of using the "limits" option in slapd.conf to bypass
> sizelimit/timelimit restrictions on a non-rootdn user
You're confused. The above text refers to the rootdn on the consumer, not the
identity the consumer uses to talk to the provider.
Note that the example at the top of the page shows the appropriate limit
I think the organization of this chapter is wrong, it should not start with
section 17.1 describing how to use syncrepl to replace slurpd before it
describes syncrepl (section 17.2).
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/