I just installed openldap 2.0.23 on two machines for replication testing. I followed the procedure described in the openldap administration guide and everything is working OK (nearly :) )

- replication from master to slave works fine
- but from slave to master I have to define a very permissive acl (access to * by * write).

Because I'm using ldapmodify as ldap client I also need to use the -C switch in order to chase the master (without this switch, I've got a referral error: ldif_record() = 10 and the slave doesn't even try to contact the master).

So this is working but it's not good for a production site. My updatedn in the slapd.conf slave file is the rootdn of both ldap servers (master and slave) with the same password. But when I'm using ldapmodify the replication process from slave to master binds anonymously (?). I thought that the updatedn was used for the bind process. Am I wrong?

Before reading every RFC regarding LDAP V3, I will be very glad to have some tips about replication.

Thanks in advance,
Patrice