[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SyncRepl - no write access



>>>>> "Quanah" == Quanah Gibson-Mount <quanah@stanford.edu> writes:

    Quanah> If you make the syncRepl updatedn match the rootdn on the
    Quanah> replica, there is no need for any ACL related to syncrepl.

This work 'like a charm' (well, not really but...).

I now have the same DN as 'rootdn', 'syncrepl:updatedn' and 'syncrepl:binddn'
(is there something wrong with this!?). The object gets updated, BUT (!)
the OpenLDAPaci attribute(s) is removed!

Is SyncRepl and ACI's mutually exclusive?

The DN I'm using (rootdn etc) DOES have read access to the attribute on the
provider, so it's not that...