dn: olcDatabase={1}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {1}mdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=domain,dc=com
olcAccess: {0}to attrs=userPassword by self write by anonymous auth by * non
 e
olcAccess: {1}to attrs=shadowLastChange by self write by * read
olcAccess: {2}to * by * read
olcLastMod: TRUE
olcRootDN: cn=admin,dc=domain,dc=com
olcRootPW:: e1NTSEF9UThYdWNWY1BwMldsd1l3VGxtRkhWYWlrVVN5Y0hBUnk=

Начало переадресованного сообщения:

Отправитель: Quanah Gibson-Mount <quanah@symas.com>
Тема: Ответ: MultiMaster replication password
Дата: 30 января 2020 г. в 00:17:00 GMT+3
Кому: Клеусов Владимир Сергеевич <Kleusov.Vladimir@wildberries.ru>, <openldap-technical@openldap.org>
Ответ-Кому: Quanah Gibson-Mount <quanah@symas.com>



--On Wednesday, January 29, 2020 8:07 PM +0000 Клеусов Владимир Сергеевич <Kleusov.Vladimir@wildberries.ru> wrote:

Funny. And according to that instruction, there was nothing about the
ACL: =)


Now can I create an acl without breaking replication ?

Your configuration clearly comes with pre-defined ACLs.  You need to appropriately modify said ACLs.  As you have not provided your ACLs, there's not much help that can be offered.

Regards,
Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>