[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Multiple syncrepl problems
Darren Gamble wrote:
Good day,
Thanks again for your reply.
In 2.2.20 the consumer code was reorganized (to fix a variety
of other
bugs) and as a result of the shuffle, most operations are now
performed
with the rootdn alone. I suppose this must be considered a new bug in
2.2.20. However, the fact remains that even in older
releases, you must
have a rootdn defined on the consumer database, because it is
needed for
internal maintenance.
I'm inclined to remove the multiple-consumer-context support, as it
seems to be causing more hassles than it's worth. With that removed,
then only a rootdn would be needed and no updatedn at all.
OK, we can add the rootdn back in, then. Last question, I think - should a
rootdn be defined on the provider, as well? And it's unnecessary (and
possibly insecure) to supply a rootpw
Yes, and yes. The provider also needs to perform internal maintenance
operations, and those require a rootdn. The internal operations never
need the rootpw.
Could both the Admin Guide and man pages both be corrected to reflect these
changes, please, if they will be permanent? The slapd.conf man page still
says "It is recommended that the rootdn only be specified when needed (such
as when initially populating a database)", which I'm sure a large number of
other admins have tried to follow.
That comment is essentially correct - use a rootdn only when needed. The
fact is that with syncrepl, the rootdn is always needed.
--
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support