Hi everyone,
I just configured a directory tuning readonly in the backend database :
olcDatabase={1}bdb,cn=config ... olcreadonly: TRUE
Good : now if I try to change anything I get an "Server is unwilling to perform (53)" from the server, for axample :
# ldappasswd -h localhost -D "uid=olivier,ou=people" -W -S "uid=guillard,ou=people" New password: Re-enter new password: Enter LDAP Password: Result: Server is unwilling to perform (53) Additional info: operation restricted
On the other hand, I also have configured this directory to get synchronized on another ldap server through a syncrepl directive, and I see that the ldap synchronization works properly: if I change my password an the master ldap, it's propagated on my "readonly" slave one.
This is good since this is exactly what I want.
However I have not found the confirmation of this behaviour in the documentation (may be I missed something), that's why I ask here :
Is it correct to configure a olcreadonly directory to be slave through syncrepl to another one ?
Thanks,
--- Olivier