On 08.01.20 at 16:16, Vincent Ducot wrote:
> Hi all,
> I'm testing multi-master replication between (at least 2) openldap nodes 
> (2.4.45, on Ubuntu 18.04) and facing a problem with replication account.

At some point in time I decided to create a separate database as 
replication-account

slapd.conf:
        database ldif
        directory /empty
        suffix "dc=syncrepl"
        access to dn.base="dc=syncrepl" by * auth
        rootdn "dc=syncrepl"
        rootpw "{PLAIN}secret"

This account exists per configuration even on an "empty" syncrepl consumer and 
is allowed to read/write the database to be replicated.
It will not be replicated itself and avoids the issue you describe. N-way 
replication can start from zero.

If this should be insecure, I hope, somebody will correct me (and the archive), 
please.

Andreas
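
An added example, not part of the original post: one way a slapd.conf on each node could wire the separate "dc=syncrepl" account into the replicated database. The suffix dc=example,dc=com, the peer host ldap2.example.com, the directory paths, the serverID/rid values and the password placeholders are assumptions, and TLS is assumed to be configured on the peer.

```conf
# Constructed sample configuration (assumed names, see lead-in).
serverID 1

# Replication identity in its own database, as in the post.
# It exists on every node before any data has been replicated.
database ldif
directory /empty
suffix "dc=syncrepl"
access to dn.base="dc=syncrepl" by * auth
rootdn "dc=syncrepl"
# Hash generated with slappasswd instead of a readable password.
rootpw "{SSHA}REPLACE_WITH_SLAPPASSWD_OUTPUT"

# The database that is actually replicated.
database mdb
directory /var/lib/ldap
suffix "dc=example,dc=com"
rootdn "cn=admin,dc=example,dc=com"

# The syncrepl bind only has to read from the provider, so read is
# granted here; the post grants read/write. "break" passes everyone
# else on to the site's own ACLs, which must follow this rule.
access to *
    by dn.base="dc=syncrepl" read
    by * break

# Let the replication account fetch the whole tree.
limits dn.exact="dc=syncrepl" size=unlimited time=unlimited

# Pull from the peer using the separate account. The bind is a simple
# bind, so starttls=critical refuses to send the password in clear.
# credentials must be the clear-text password: protect this file
# (owner slapd, mode 0600).
syncrepl rid=001
    provider=ldap://ldap2.example.com
    type=refreshAndPersist
    retry="5 5 300 +"
    searchbase="dc=example,dc=com"
    bindmethod=simple
    binddn="dc=syncrepl"
    credentials=REPLACE_WITH_CLEARTEXT_PASSWORD
    starttls=critical

mirrormode on
overlay syncprov
```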
