[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ACL problem with replica user
Hi,
jawed abbasi <jabbasi@yahoo.com> writes:
> hello
>
>
>
> I have following set of ACL on Master and Slave , but my replication DN fails while
> writting to slave
>
>
>
> Master ACL :
>
> access to dn=".*,dc=navtechinc,dc=com"
> attr=userPassword,ntPassword,lmPassword,gecos
> by dn="cn=Manager,dc=navtechinc,dc=com" write
> by dn="uid=replica,ou=YkfUsers,ou=users,dc=navtechinc,dc=com" write
> by self write
> by * auth
>
> SLAVE ACL:
>
> access to dn=".*,dc=navtechinc,dc=com"
> attr=userPassword,ntPassword,lmPassword,gecos
> by dn="cn=Manager,dc=navtechinc,dc=com" write
> by dn="uid=replica,ou=YkfUsers,ou=users,dc=navtechinc,dc=com" write
> by self write
> by * read
> by anonymous none
[...]
As far as I understand access control, it checks the rules and stops
at the first matching rules, that is, if a write request occurs
access control checks for write clauses and stops at the first found
instance, that is "cn-manager,dc=navtechinc,dc=com". You should add a
control function to your clauses, that could be "continue", see man
slapd.access.
Run your slave in debugging mode 128 to watch access control
processing.
-Dieter
--
Dieter Kluenter | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter(at)dkluenter.de
http://www.avci.de