Hi everyone,

I just configured a directory tuning readonly in the backend database :

olcDatabase={1}bdb,cn=config
...
olcreadonly: TRUE

Good : now if I try to change anything I get an "Server is unwilling to perform (53)"
from the server, for axample :

# ldappasswd -h localhost -D "uid=olivier,ou=people" -W -S "uid=guillard,ou=people"
New password:
Re-enter new password:
Enter LDAP Password:
Result: Server is unwilling to perform (53)
Additional info: operation restricted

On the other hand, I also have configured this directory to get synchronized on another ldap server through a syncrepl directive, and I see that the ldap synchronization works properly: if I change my password an the master ldap, it's propagated on my "readonly" slave one.

This is good since this is exactly what I want.

However I have not found the confirmation of this behaviour in  the documentation (may be I missed something), that's why I ask here :

Is it correct  to configure a olcreadonly directory to be slave through syncrepl to another one ?

Thanks,

---
Olivier