[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: rootdn for syncrepl?

To: Maykel Moya <moya-lists@infomed.sld.cu>, openldap-software@openldap.org
Subject: Re: rootdn for syncrepl?
From: Quanah Gibson-Mount <quanah@zimbra.com>
Date: Mon, 08 Oct 2007 17:07:04 -0700
Content-disposition: inline
In-reply-to: <1191884770.3256.59.camel@gloria.red.sld.cu>
References: <1191884770.3256.59.camel@gloria.red.sld.cu>

--On Monday, October 08, 2007 7:06 PM -0400 Maykel Moya <moya-lists@infomed.sld.cu> wrote:

In man slapd.conf you can read:

--
rootdn <dn>
  Specify the distinguished name that is not subject to access control
  or administrative limit restrictions for operations on this
  database.
  [...]
  Note that the rootdn is always needed when using syncrepl.
--

In this Conexitor forum[1] about replication configuration a particular
DN is used with permissions granted via ACIs, it seems that
cn=replicator is not the rootdn.

The rootdn is not required for syncrepl in OpenLDAP 2.3. It may have been for OpenLDAP 2.2. Sounds like a bit of cruft remaining in slapd.conf.

--Quanah

--

Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration

Follow-Ups:
- Re: rootdn for syncrepl?
  - From: Quanah Gibson-Mount <quanah@zimbra.com>

References:
- rootdn for syncrepl?
  - From: Maykel Moya <moya-lists@infomed.sld.cu>

Prev by Date: Re: syncprov dependencies
Next by Date: Re: rootdn for syncrepl?
Index(es):
- Chronological
- Thread