[Date Prev][Date Next]
Re: readonly means readonly no matter what?
Am Dienstag, 3. April 2001 09:04 schrieb Bob Tanner:
> Quoting Stephan Siano (email@example.com):
> > > What wins? :-)
> > readonly on always wins. You won't even be able to replicate into that
> > database. BTW: your by * read ACL is never executed :-)
> Hmmm, this post is misleading then.
> It would seem that binding as rootdn allows you to write, but as anything
> else you get readonly access.
> IF readonly always wins, then how do you make a readonly replica?
> Turn readonly off and use ACLs to limit the writes?
Turn readonly off (this is the default anyway) and define a updatedn. The
replica will accept change requests only from that dn and return a referral
to updateref <url> for write attempts from anyone else. see the documentation
for slapd.conf for details.
btw. I'm talkung about OpenLDAP 2.0.x, I don't know how OpenLDAP 1.x behaves
in this context.
Stephan Siano Mail: Stephan.Siano@suse.de
SuSE Linux Solutions AG Phone: 06196 50951 31
Mergenthalerallee 45-47 Fax: 06196 409607