On Wednesday 24 September 2008 11:56:27 Maurizio Lo Bosco wrote:
I'm using openldap 2.3.30 on debian etch (-5+etch1) with syncrepl.
I have configured the write access to a single attribute for a user, I'm
able to change the attribute with such user but the replace is not
propagated to the consumers. If I change the same attribute with a user
with more access rights the syncrepl is working fine.
You need to provide more information here. What I understand from the above
should not cause any problems.
I think that some access rules are missing for the user, something
contextCSN in the user dn.
The only requirement is that the DN that is used as the binddn in the syncrepl
statement on the consumer must have read access to all the attributes that are
required to be replicated to the consumer, plus the entryCSN/entryUUID on all
the entries that must be replicated, plus the contextCSN on the basedn.
Additionally, the DN must have a sufficiently large "quota" (time/size limits)
to retrieve the entire contents that matches the filter used in the consumer
Since you haven't provided any configuration details, it is impossible to
comment on whether your configuration satisfies these requirements