[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SyncRepl - no write access



Turbo-
  I believe I ran into this same problem a while ago, in 2.2.15.  I had
to remove the sasl_ssf requirement for my syncrepl updateDN.  Since the
update happens local (ie, the provider is not pushing from outside, but
rather syncrepl is simply changing contect to the updateDN with no
authentication, or something like that), there is no kerberos
authenticaion happening, therefore sasl_ssf!=56.

-Matt
> access to * by group.base="cn=Replicators,ou=LDAP,ou=System,o=Bayour.COM,c=SE" sasl_ssf=56 write
>             by dn.exact="cn=ldap/provider,ou=LDAP,ou=System,o=Bayour.COM,c=SE" sasl_ssf=56 write
>             by aci write

-- 
Matthew J. Smith <matt.smith@uconn.edu>
University of Connecticut ITS
PGP Key: http://web.uconn.edu/dotmatt/matt.asc

Attachment: signature.asc
Description: This is a digitally signed message part