On Wed, Nov 19, 2008 at 06:09:49PM -0500, Aaron Richton wrote:
On Wed, 19 Nov 2008, John Morrissey wrote:
On Wed, Nov 19, 2008 at 09:13:49PM +0100, Dieter Kluenter wrote:
it might not be related to your replication problem, but setting a sizelimit=unlimited in syncrepl configuration reduces the chance that clientside limitations come into effect. If you require starttls and integrity you should at least add tls_cacert option to syncrepl configuration.
For client operations, doesn't syncrepl operate as the rootdn, which is exempt from size/time limitations?
Internally, syncrepl acts as the rootdn. However, when going over the wire to the provider, it must be configured with a binddn and credentials. Certainly there is nothing in the client stopping you from specifying the rootdn as the syncrepl binddn, but that is not considered best practice.
Right. Dieter mentioned "clientside limitations," which I took to mean internal operations performed on the consumer.
john