[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Getting Replication to work





--On Wednesday, August 03, 2005 2:20 PM -0400 Jon West <westjo@mail.nih.gov> wrote:

Hi, I am currently trying to follow all the online information I have
found but cannot get replication to work. The Master server is creating
replication log files correctly but the slave is not making any changes
what so ever and I don't know what I'm doing wrong

Master slapd.conf

access to attrs=userPassword
	by dn="cn=manager,dc=fmrif,dc=nimh,dc=nih,dc=gov" write
	by self write
	by anonymous auth
	by * none
access to *
        by self write
        by * read
#       by anonymous auth
        by dn="cn=manager,dc=fmrif,dc=nimh,dc=nih,dc=gov"

The above line is missing a type of auth? Anyhow, it will never get evaluated, because ACL parsing stops at the first applicable line, which in this case is "by * read". If you want manager to do anything different, it must come *before* "by * read".






--------------------------------------

Slave slapd.conf


access to attrs=userPassword
	by dn="uid=Replicator,ou=People,dc=fmrif,dc=nimh,dc=nih,dc=gov" write
	by self write
	by anonymous auth
	by * none
access to *
        by self write
        by * read
	by * write
#       by anonymous auth
#	by dn="cn=manager,dc=fmrif,dc=nimh,dc=nih,dc=gov"
	by dn="uid=Replicator,ou=People,dc=fmrif,dc=nimh,dc=nih,dc=gov" write


The Replicator write line will never be evaluated, because "by * read" will be the first matching ACL. If you want it to have write privileges, it needs to be moved above this line.

--Quanah


-- Quanah Gibson-Mount Principal Software Developer ITSS/Shared Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

"These censorship operations against schools and libraries are stronger
than ever in the present religio-political climate. They often focus on
fantasy and sf books, which foster that deadly enemy to bigotry and blind
faith, the imagination." -- Ursula K. Le Guin