[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: readonly means readonly no matter what?
Am Dienstag, 3. April 2001 09:04 schrieb Bob Tanner:
> Quoting Stephan Siano (stephan.siano@suse.de):
> > > What wins? :-)
> >
> > readonly on always wins. You won't even be able to replicate into that
> > database. BTW: your by * read ACL is never executed :-)
>
> Hmmm, this post is misleading then.
>
> http://www.openldap.org/lists/openldap-software/200006/msg00250.html
>
> It would seem that binding as rootdn allows you to write, but as anything
> else you get readonly access.
>
> IF readonly always wins, then how do you make a readonly replica?
>
> Turn readonly off and use ACLs to limit the writes?
Turn readonly off (this is the default anyway) and define a updatedn. The
replica will accept change requests only from that dn and return a referral
to updateref <url> for write attempts from anyone else. see the documentation
for slapd.conf for details.
btw. I'm talkung about OpenLDAP 2.0.x, I don't know how OpenLDAP 1.x behaves
in this context.
--
Stephan Siano Mail: Stephan.Siano@suse.de
SuSE Linux Solutions AG Phone: 06196 50951 31
Mergenthalerallee 45-47 Fax: 06196 409607
D-65760 Eschborn