--On Friday, January 19, 2007 11:25 PM +0100 Andrea Venturoli ml@netfence.it wrote:
Hello. I guess this must be a FAQ, but I tried searching for a whole day and didn't came up with any answer.
I've got two FreeBSD servers running openldap 2.3.32 in a master/slave configuration. I'm using slurpd to keep them in sync: I tried this with the rootdn as the slurp binddn and from a network perspective it works. Now, I obviously don't want to use rootdn for this, so I created a new user and I'm using simple authentication (on an SSL layer).
I get problems with access control, however, that prevent it from working.
What I did:
I created this user:
dn: uid=slurpd,ou=users,dc=xxxxxxxx,dc=xx
access to * by dn="uid=slurp,ou=users,dc=xxxxxxxx,dc=xx" write The problem is I cannot access the slave database with dn="uid=slurp,ou=users,dc=xxxxxxxx,dc=xx".
What I get is:
slave# ldapsearch -w xxxxxxx -D 'uid=slurp,ou=users,dc=xxxxxxxx,dc=xx' -b What am I doing wrong?
The user you created (uid=slurpd) is not the DN you gave access to (uid=slurp), assuming that isn't a typo and is a direct cut & paste.
--Quanah
-- Quanah Gibson-Mount Principal Software Developer ITS/Shared Application Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html