I just configured a directory tuning readonly in the backend database :
Good : now if I try to change anything I get an "Server is unwilling to perform (53)"
from the server, for axample :
# ldappasswd -h localhost -D "uid=olivier,ou=people" -W -S "uid=guillard,ou=people"
Re-enter new password:
Enter LDAP Password:
Result: Server is unwilling to perform (53)
Additional info: operation restricted
On the other hand, I also have configured this directory to get synchronized on another ldap server through a syncrepl directive, and I see that the ldap synchronization works properly: if I change my password an the master ldap, it's propagated on my "readonly" slave one.
This is good since this is exactly what I want.
However I have not found the confirmation of this behaviour in the documentation (may be I missed something), that's why I ask here :