[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Replication account problem





--On Friday, January 10, 2020 5:48 PM +0100 Vincent Ducot <vincent.ducot@rubycat.eu> wrote:

a) It's not the same location, it's /var/lib and /var/lab (yeah, tricky)

Ah, missed that.

b) I tested several possibilities but I didn't manage to make it work.
Either the problem stayed the same, either the replication didn't work
anymore, either I couldn't access to rpuser.

I understand that :


- rpuser should have read/write access to its password (to
attrs=userPassword by dn="uid=rpuser,dc=foo,dc=bar" write)

- rpuser should have read/write access to all data (to * by
dn="uid=rpuser,dc=foo,dc=bar" write)

Sure, but ACLs stop processing on the first matching rule. Please review the slapd.access(5) man page. Your ACLsforthe rpuser are never evaluated since prior rules prevent them being reached.

--Quanah


--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>