Hi, I want to replicate only parts of my ldap tree. The documentation says, that access controls applys to the replication, so I created an access control that looks like the following:
Access to * filter=(foo=bar) by dn="cn=syncrepluser,dc=foo,dc=bar" Now I set the attribute foo to a value of bar in all objects I want to replicate. (the search filter on the consumer is objectClass=*). This works so far, but when I delete an object, it doesn't gets deleted on the consumer. When I make an access control in the form Access to dn.sub="cn=a,dc=foo,dc=bar" by dn="cn=syncrepluser,dc=foo,dc=bar" It works correcly. So my question is it possible to get my first idea to work i.e. is it a bug, or is it not possible to do things like this? If not, is there another possibility to get it working? Note that I have to replicate a lot of objects from different places, so it is not a possiblity to create access rules for all objects. Also it's necessary that the consumer can only see the objects it should replicate and no other objects. Any idea? Gerald --------------------------------------------------------------------------- Besuchen Sie uns auf der CeBIT 2006 in Halle 7, Stand B30 (Aladdin) --------------------------------------------------------------------------- Gerald Richter ecos electronic communication services gmbh IT-Securitylösungen * Webapplikationen mit Apache/Perl/mod_perl/Embperl Post: Tulpenstrasse 5 D-55276 Dienheim b. Mainz E-Mail: [EMAIL PROTECTED] Voice: +49 6133 939-122 WWW: http://www.ecos.de/ Fax: +49 6133 939-333 --------------------------------------------------------------------------- ECOS BB-5000 Firewall- und IT-Security Appliance: www.bb-5000.info --------------------------------------------------------------------------- ** Virus checked by BB-5000 Mailfilter **