Hello everybody,
I now have an LDAP Master server (version 8.8.15 latest). I want to install more LDAP Slave servers (read-only). I followed the guide (LDAP Replication):
https://zimbra.github.io/installguides/ ... eplication
But when I finished the installation, the symptom was that this LDAP Slave server could still create, edit, and delete accounts (write). So how can I switch the mode of this LDAP Slave server back to read-only?
Thanks very much.
How to install LDAP Replication read-only?
Re: How to install LDAP Replication read-only?
You can remove the ldap_master_url from the localconfig in the server; although, I am not 100% sure of the ramifications. I guess if the server is not doing any changes, it *might* be ok to leave ldap_master_url blank.
zmlocalconfig -e ldap_master_url=""
Remember...
zmlocalconfig ldap_url <<== Lookups / Read-Only
zmlocalconfig ldap_master_url <<== Make changes
If needed, you can also disable anonymous ldap connections as well.
/opt/zimbra/libexec/zmldapanon -d
--
Rick King
Re: How to install LDAP Replication read-only?
Hello king0770
I tried it, and this is the result when I run "zmlocalconfig -e ldap_master_url=""":
"Host ldapslave.example.com.vn
Starting ldap...Done.
Connect: Unable to determine enabled services from ldap.
Enabled services read from cache. Service list may be inaccurate."
Currently, my config for ldap_url:
ldap_url = ldap://ldapslave.example.com.vn:389 ldap://ldapmaster.example.com.vn:389
This is the default value after I installed.
I still have not resolved the problem.
king0770 wrote: You can remove the ldap_master_url from the localconfig in the server; although, I am not 100% sure of the ramifications. I guess if the server is not doing any changes, it *might* be ok to leave ldap_master_url blank.
zmlocalconfig -e ldap_master_url=""
Remember...
zmlocalconfig ldap_url <<== Lookups / Read-Only
zmlocalconfig ldap_master_url <<== Make changes
If needed, you can also disable anonymous ldap connections as well.
/opt/zimbra/libexec/zmldapanon -d
Re: How to install LDAP Replication read-only?
I have solved the problem. The reason is that I used "zmprov" to create an account, and "zmprov" calls the LDAP master to create it. So I had installed it correctly according to the instructions above.
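
Added example (not part of any post in this thread): a small shell check that reads "key = value" lines in the format shown above for ldap_url and reports which host is queried first for lookups and which host receives changes. That is why an account created with zmprov on the replica says nothing about whether the replica itself is writable. The function names and the ldap_master_url value in the sample are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: show which LDAP hosts a Zimbra node reads from and writes to,
# given "key = value" lines in the format printed by zmlocalconfig.

# Constructed sample. The ldap_url line is the one quoted in the thread;
# the ldap_master_url value is an assumption for illustration.
SAMPLE_CFG='ldap_url = ldap://ldapslave.example.com.vn:389 ldap://ldapmaster.example.com.vn:389
ldap_master_url = ldap://ldapmaster.example.com.vn:389'

# value_of KEY: print the value of KEY from config lines on stdin.
value_of() {
    sed -n "s/^$1 = //p"
}

# hosts_of URL...: print the host part of each LDAP URL, one per line.
hosts_of() {
    for u in "$@"; do
        h=${u#*://}      # strip the scheme
        h=${h%%[:/]*}    # strip port and path
        printf '%s\n' "$h"
    done
}

# audit_ldap_targets LOCAL_HOST CONFIG_TEXT
# Prints the first lookup host, the write hosts, and whether LOCAL_HOST
# is itself a write target.
audit_ldap_targets() {
    cfg=$2
    reads=$(printf '%s\n' "$cfg" | value_of ldap_url)
    writes=$(printf '%s\n' "$cfg" | value_of ldap_master_url)
    # Word splitting on the space-separated URL lists is intentional.
    echo "reads_first=$(hosts_of $reads | head -n 1)"
    echo "writes=$(hosts_of $writes | tr '\n' ' ' | sed 's/ $//')"
    if hosts_of $writes | grep -qxF "$1"; then
        echo "local_is_write_target=yes"
    else
        echo "local_is_write_target=no"
    fi
}

audit_ldap_targets ldapslave.example.com.vn "$SAMPLE_CFG"
```

On a live node, pass the output of the two zmlocalconfig lookups from the thread as the second argument instead of the constructed sample.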