Hi
I try to configure two openldap/kerberos server (provider and
consumer), but I'm having some issues about replication. Under LDAP
log, I have many entries like this: "slap_access_allowed: search
access denied by none(=0)"
These messages are related to consumer access to the Kerberos database
on provider and the kerberos database can't be replicated to the
consumer. The others data are replicated normaly.
These are the ACL under privider:
olcAccess: {0}to attrs=userPassword,shadowLastChange
by
dn.one="ou=consumers,ou=ldap,ou=Services,dc=unisim,dc=cepetro,dc=unicamp,
dc=br" read
by anonymous auth by * none
olcAccess: {1}to
dn.subtree="ou=kerberos,ou=Services,dc=unisim,dc=cepetro,dc=unicamp,dc=br"
by
dn="cn=krbadm,ou=kerberos,ou=Services,dc=unisim,dc=cepetro,dc=unicamp,dc=
br" write
by
dn="cn=krbkdc,ou=kerberos,ou=Services,dc=unisim,dc=cepetro,dc=unicamp,dc=
br" read
by
dn.one="ou=consumers,ou=ldap,ou=Services,dc=unisim,dc=cepetro,dc=unicamp,
dc=br" read by * none
olcAccess: {2}to attrs=loginShell
by self write
by users read
by * none
olcAccess: {3}to dn.base=""
by * read
olcAccess: {4}to *
by users read
by * none