slurp, master & slave issues

[Jason Lixfeld <jason+lists.openldap@lixfeld.ca>]

I've read chapter 13 of the manual and am trying to setup replication.  
As per the examples, I went like so:

On the master, I:

ldapadd -f /tmp/Replicator.ldif

== 8< == /tmp/Replicator.ldif == 8< ==

dn:cn=Replicator,dc=example,dc=com
cn: Replicator
objectClass: organizationalRole
userPassword: {MD5}Chb+9Fr8crHiifMsNyQItw==

== 8< == slapd.conf == 8< ==

replogfile              /usr/local/etc/openldap/replog
replica-argsfile        /usr/local/etc/openldap/slurp.conf
replica-pidfile         /var/run/openldap/slurp.pid
replicationinterval     60

replica uri=ldap://192.168.100.10:389
        binddn="cn=Replicator,dc=example,dc=com"
        bindmethod=simple credentials=*****

==

Once the master configuration is done, I copy the database from the 
master to the slave.

On the slave, I:

== 8< == slapd.conf == 8< ==

updatedn        cn=Replicator,dc=example,dc=com

Once the slave configuration is done, I:

Start slapd on the slave
Start slapd on the master
Start slurp on the master

When I modify data on the master, I get this error in the slave logs:

=> access_allowed: backend default write access denied to 
"cn=Replicator,dc=example,dc=com"
<=- bdb_delete: no write access to parent
send_ldap_result: conn=0 op=1 p=3
send_ldap_result: err=50 matched="" text="no write access to parent"

I managed to get this all working by changing the binddn on the master 
and the updatedn on the slave from Replicator to Manager (my rootdn) 
and it worked without issue so i can't figure out the difference 
between what I've done except for change Manager to Replicator.  Not to 
mention, I've read many notes suggesting that using the binddn of the 
root user is a bad idea so I'd like to get this working properly.

Anyone see what I've missed?