[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: rootdn for syncrepl?

--On Monday, October 08, 2007 7:06 PM -0400 Maykel Moya <moya-lists@infomed.sld.cu> wrote:

In man slapd.conf you can read:

rootdn <dn>
  Specify the distinguished name that is not subject to access control
  or administrative limit restrictions for operations on this
  Note that the rootdn is always needed when using syncrepl.

In this Conexitor forum[1] about replication configuration a particular
DN is used with permissions granted via ACIs, it seems that
cn=replicator is not the rootdn.

The rootdn is not required for syncrepl in OpenLDAP 2.3. It may have been for OpenLDAP 2.2. Sounds like a bit of cruft remaining in slapd.conf.



Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra ::  the leader in open source messaging and collaboration