RE: Getting Replication to work

Thu, 04 Aug 2005 16:09:25 -0700 

Ah HA I was wondering why that wasn't being evaluated, thank you for the
heads up, this might actually help in our production LDAP server as well

-----Original Message-----
From: Quanah Gibson-Mount [mailto:[EMAIL PROTECTED] 
Sent: Thursday, August 04, 2005 1:04 PM
To: West, Jonathan (NIH/NIMH); [email protected]
Subject: Re: Getting Replication to work



--On Wednesday, August 03, 2005 2:20 PM -0400 Jon West 
<[EMAIL PROTECTED]> wrote:

> Hi, I am currently trying to follow all the online information I have
> found but cannot get replication to work. The Master server is creating
> replication log files correctly but the slave is not making any changes
> what so ever and I don't know what I'm doing wrong
>
> Master slapd.conf

> access to attrs=userPassword
>       by dn="cn=manager,dc=fmrif,dc=nimh,dc=nih,dc=gov" write
>       by self write
>       by anonymous auth
>       by * none
> access to *
>         by self write
>         by * read
>#       by anonymous auth
>         by dn="cn=manager,dc=fmrif,dc=nimh,dc=nih,dc=gov"

The above line is missing a type of auth?  Anyhow, it will never get 
evaluated, because ACL parsing stops at the first applicable line, which in 
this case is "by * read".  If you want manager to do anything different, it 
must come *before* "by * read".





> --------------------------------------
>
> Slave slapd.conf


> access to attrs=userPassword
>       by dn="uid=Replicator,ou=People,dc=fmrif,dc=nimh,dc=nih,dc=gov"
write
>       by self write
>       by anonymous auth
>       by * none
> access to *
>         by self write
>         by * read
>       by * write
>#       by anonymous auth
>#      by dn="cn=manager,dc=fmrif,dc=nimh,dc=nih,dc=gov"
>       by dn="uid=Replicator,ou=People,dc=fmrif,dc=nimh,dc=nih,dc=gov"
write


The Replicator write line will never be evaluated, because "by * read" will 
be the first matching ACL.  If you want it to have write privileges, it 
needs to be moved above this line.

--Quanah


--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

"These censorship operations against schools and libraries are stronger
than ever in the present religio-political climate. They often focus on
fantasy and sf books, which foster that deadly enemy to bigotry and blind
faith, the imagination." -- Ursula K. Le Guin

Reply via email to