Re: question about cn=config replication and security.

12 Feb 2011


      Le 11/02/2011 18:26, Mailing Lists a écrit :
...
Hello.
I'm running a pair of openldap 2.4 servers which replicate cn=config DB
in mirror mode.
Is there a way to configure a RO user (like user from BDB) for cn=config
DB, so should someone get a hold of it's password, and still will not be
able to change the configs ?
Hi,
I'm not entirely sure I've understood your question, but you can write
ACLs to allow any user (using any DN, thus including a DN from a BDB
database) access to the cn=config subtree.
Jonathan
-- 
--------------------------------------------------------------
Jonathan Clarke - jonathan@phillipoux.net
--------------------------------------------------------------
Ldap Synchronization Connector (LSC) - http://lsc-project.org
--------------------------------------------------------------

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Re: question about cn=config replication and security.