mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-21 03:10:25 +08:00
authzFrom removed.
This commit is contained in:
parent
d4c22b0c1d
commit
e908e97338
@ -111,16 +111,13 @@ definitions:
|
||||
> credentials="<secret>"
|
||||
> mode="self"
|
||||
> chain-tls start
|
||||
> chain-idassert-authzFrom "*"
|
||||
> chain-return-error TRUE
|
||||
> updateref "ldap://ldapmaster.example.com/"
|
||||
|
||||
The {{B:chain-tls}} statement enables TLS from the slave to the ldap master.
|
||||
The {{B:chain-idassert-authzFrom}} statement will assert the identity of whatever
|
||||
bound dn on the slave is making the update request. The DITs are exactly the
|
||||
same between these machines, therefore whatever user bound to the slave will
|
||||
also exist on the master. If that DN does not have update privileges on the master,
|
||||
nothing will happen.
|
||||
The DITs are exactly the same between these machines, therefore whatever user
|
||||
bound to the slave will also exist on the master. If that DN does not have
|
||||
update privileges on the master, nothing will happen.
|
||||
|
||||
You will need to restart the slave after these changes. Then, if you are using
|
||||
{{loglevel 256}}, you can monitor an {{ldapmodify}} on the slave and the master.
|
||||
|
Loading…
Reference in New Issue
Block a user