[Date Prev][Date Next]
Re: rootdn for syncrepl?
--On Monday, October 08, 2007 5:07 PM -0700 Quanah Gibson-Mount
--On Monday, October 08, 2007 7:06 PM -0400 Maykel Moya
In man slapd.conf you can read:
Specify the distinguished name that is not subject to access control
or administrative limit restrictions for operations on this
Note that the rootdn is always needed when using syncrepl.
In this Conexitor forum about replication configuration a particular
DN is used with permissions granted via ACIs, it seems that
cn=replicator is not the rootdn.
The rootdn is not required for syncrepl in OpenLDAP 2.3. It may have
been for OpenLDAP 2.2. Sounds like a bit of cruft remaining in
Actually to correct that --
The syncrepl client LDAP Directory needs a rootdn directive in its
slapd.conf. It does not need to talk to the *master* using a rootdn. This
is so the syncrepl client can internally update its own database using the
Principal Software Engineer
Zimbra :: the leader in open source messaging and collaboration