--On January 2, 2008 2:22:20 PM +0100 Pierangelo Masarati ando@sys-net.it wrote:
According to the configuration files posted, the user "cn=admin,dc=ipodion,dc=at" is used as binddn by the consumer, but it is the rootdn on the producer, so it can read all values (the real, harmless error is that there's no point in authorizing access for the rootdn: it has unlimited access privileges). Local writes by syncrepl are performed with the local rootdn's identity, so there's no point in authorizing them either.
Hm, I thought at least at one point in time, syncrepl used the identity it bound as to make the updates in the local DB, but I guess not. Maybe that was just a holdover in my ACL files from when I used slurpd.
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration