--On Monday, February 03, 2014 1:06 PM -0500 "Borresen, John - 0442 -
MITLL" <John.Borresen(a)ll.mit.edu> wrote:
> The "cn=replicator,cn=accesslog" was the olcRootDN for the accesslog.
>
> Rather that was my intent.
>
> Rereading documentation...and the script you shared with me a few weeks
> back.
>
> Currently, my set up is:
> 1) The rootDN for the cn=config is cn=admin (cn=admin,cn=config)
> 2) the rootDN for my primary dbase is cn=ldapadmin
> (cn=ldapadmin,dc=example,dc=ldap) 3) the rootDN for the accesslog, as
> mentioned above, is/was cn=replicator (cn=replicator,cn=accesslog)
>
> My ou=Users,dc=example,dc=ldap has all the End-Users uids for logins.
>
> Noticed you have a cn=admins,cn=zimbra.
>
> Bear with the stupid question, this is more of a sanity check for me
> (getting pressure from my side to get this project done -- so very
> rushed).
>
> I could/should create an "ou=Admins,dc=example,dc=ldap", on both
> MM-Servers
>
> In that ou create/move the replicator that I wrongfully created in
> cn=accesslog:
>
> uid=replicator,ou=Admins,dc=example,dc=ldap
>
> That will get this user in the dbase.
>
> Modify, the olcSyncrepl, olcAccess, etc on both MM-Servers.
>
> Is that basically, correct?
Yes. For replication, you need one single replication DN to be used for
replication, that has read access into both your primary DB and your
accesslog DB. The rootdns are entirely separate from any of that.
--Quanah
--
Quanah Gibson-Mount
Architect - Server
Zimbra, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration