--On Monday, February 03, 2014 1:06 PM -0500 "Borresen, John - 0442 - MITLL" John.Borresen@ll.mit.edu wrote:
The "cn=replicator,cn=accesslog" was the olcRootDN for the accesslog.
Rather that was my intent.
Rereading documentation...and the script you shared with me a few weeks back.
Currently, my set up is:
- The rootDN for the cn=config is cn=admin (cn=admin,cn=config)
- the rootDN for my primary dbase is cn=ldapadmin
(cn=ldapadmin,dc=example,dc=ldap) 3) the rootDN for the accesslog, as mentioned above, is/was cn=replicator (cn=replicator,cn=accesslog)
My ou=Users,dc=example,dc=ldap has all the End-Users uids for logins.
Noticed you have a cn=admins,cn=zimbra.
Bear with the stupid question, this is more of a sanity check for me (getting pressure from my side to get this project done -- so very rushed).
I could/should create an "ou=Admins,dc=example,dc=ldap", on both MM-Servers
In that ou create/move the replicator that I wrongfully created in cn=accesslog:
uid=replicator,ou=Admins,dc=example,dc=ldap
That will get this user in the dbase.
Modify, the olcSyncrepl, olcAccess, etc on both MM-Servers.
Is that basically, correct?
Yes. For replication, you need one single replication DN to be used for replication, that has read access into both your primary DB and your accesslog DB. The rootdns are entirely separate from any of that.
--Quanah
--
Quanah Gibson-Mount Architect - Server Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration