Hi,
I've got a partial syncrepl replica, which (among others) misses the userPassword attributes of the provider database. I added a pbind overlay to the replica, which forwards binds to the provider, thus it became possible to do simple binds against the replica. But access control on the replica does not honor these binds properly: "by users" works, but "by self" does not. Before I waste too much time debugging: is it supposed to work at all? I tested this under 2.4.31 with:
dn: olcDatabase={1}mdb,cn=config olcAccess: to * by dn.exact=gidNumber=119+uidNumber=116,cn=peercred,cn=external,cn=auth read by self read by * none olcSyncrepl: rid=1 [...]
The external auth part works, and if I replace self with users, that works as well (but is not what I want). Do I expect too much? -- Thanks, Feri.