[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Cannot replicate userPassword?

To: Pierangelo Masarati <ando@sys-net.it>
Subject: Re: Cannot replicate userPassword?
From: Quanah Gibson-Mount <quanah@zimbra.com>
Date: Wed, 02 Jan 2008 11:40:40 -0800
Cc: openldap-technical@openldap.org
Content-disposition: inline
In-reply-to: <477B900C.9030201@sys-net.it>
References: <477A838D.1010109@ipodion.at> <1FEAA9903F1ADF0005450AC9@[192.168.1.197]> <477B900C.9030201@sys-net.it>

--On January 2, 2008 2:22:20 PM +0100 Pierangelo Masarati <ando@sys-net.it> wrote:

According to the configuration files posted, the user
"cn=admin,dc=ipodion,dc=at" is used as binddn by the consumer, but it is
the rootdn on the producer, so it can read all values (the real,
harmless error is that there's no point in authorizing access for the
rootdn: it has unlimited access privileges).  Local writes by syncrepl
are performed with the local rootdn's identity, so there's no point in
authorizing them either.

Hm, I thought at least at one point in time, syncrepl used the identity it bound as to make the updates in the local DB, but I guess not. Maybe that was just a holdover in my ACL files from when I used slurpd.

--Quanah

--

Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration

Follow-Ups:
- Re: Cannot replicate userPassword?
  - From: Pierangelo Masarati <ando@sys-net.it>

References:
- Cannot replicate userPassword?
  - From: Thomas Kirchtag <tkircht@ipodion.at>
- Re: Cannot replicate userPassword?
  - From: Quanah Gibson-Mount <quanah@zimbra.com>
- Re: Cannot replicate userPassword?
  - From: Pierangelo Masarati <ando@sys-net.it>

Prev by Date: Re: Cannot replicate userPassword?
Next by Date: Re: Cannot replicate userPassword?
Index(es):
- Chronological
- Thread