[Date Prev][Date Next] [Chronological] [Thread] [Top]

Replica ACL and break

To: OpenLDAP-software@OpenLDAP.org
Subject: Replica ACL and break
From: "Paul Henry" <samba.user@gmail.com>
Date: Mon, 6 Mar 2006 15:19:06 +0000
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type; b=aocQ8CEuzx8k1tI3FAGeIt6gJ0PovpclwndBhBj65FQg6vKfAQ7C0+K+ORN02MjbPxk8C5kJYxKFIBoZiJJBUMGow28GVrLb3FUIYHEPbcs7ZNmnNZya4pFJk8MzlVzCKcyOZIaelGimx567y7vWV68enOQpIYbddleMf/4oiac=

Dear List,

I am currently setting up our slave servers ACL, and I am putting:

access to *
    by dn.exact="cn=replica,dc=ourdomain,dc=com" write
    by * none break

first in the list, as I can't think of a better way to let the replica have
write access to everything.

Since this is first in the list, will it be a bit of performance hit
compared to moving
it around somewhere else, avoiding the use of the "break" keyword?

Our ACLs are big (using Samba PDCs and Open-xchange), so I thought this
would be the quickest/best way.

Thanks,

Paul.

Prev by Date: SASL_MECH EXTERNAL in system ldap.conf
Next by Date: Re: SASL_MECH EXTERNAL in system ldap.conf
Index(es):
- Chronological
- Thread