I just configured a directory tuning readonly in the backend database :
Good : now if I try to change anything I get an "Server is unwilling to
from the server, for axample :
# ldappasswd -h localhost -D "uid=olivier,ou=people" -W -S
Re-enter new password:
Enter LDAP Password:
Result: Server is unwilling to perform (53)
Additional info: operation restricted
On the other hand, I also have configured this directory to get
synchronized on another ldap server through a syncrepl directive, and I see
that the ldap synchronization works properly: if I change my password an
the master ldap, it's propagated on my "readonly" slave one.
This is good since this is exactly what I want.
However I have not found the confirmation of this behaviour in the
documentation (may be I missed something), that's why I ask here :
Is it correct to configure a olcreadonly directory to be slave through
syncrepl to another one ?