[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Slapd Replication Problem
On Wed, Sep 13, 2006 at 01:34:07PM -0400, Brian White wrote:
> >>I tried that, but it semes I may need to add it to _all_ the "access"
> >>lines, since there are separate one that control access to passwords,
> >>etc.
> >
> >The ordering of ACL's make a difference. Maybe you can just try to
> >put it near the top?
>
> I'm afraid if I do, then I'll end up changing the access permissions of
> those special fields to be the same as the first "catch all" ACL. I
> don't have the resources to re-test everything.
>
> It semes to be working if I add the replication DN to all the ACLs, so I
> think I'll just stick with that.
You could use the "break" statement. Something like this at the very
top:
access to dn.subtree="dc=example,dc=com"
by dn="cn=updatedn,dc=example,dc=com" write
by * break
(I don't remember your DIT or the updatedn name, adjust the above)