search for: ad_base_dn

...dap >> moduleload? back_meta >> moduleload? memberof >> moduleload? mr_passthru >> >> # Per database settings >> database meta >> >> readonly yes >> protocol-version 3 >> chase-referrals no >> sizelimit 1000 >> suffix "<AD_BASE_DN>" >> >> uri "ldaps://<FQDN-AD-DC-1>/<AD_BASE_DN>" "<FQDN-AD-DC-2>" >> >> # It turns out we cannot limit: >> #?? - what is in a query (i.e. restrict it to a certain pattern) >> #?? - the bind-dn to a dn.subtree >&gt...

Der Rowland, We share that concerns actually and of course if there is a way to avoid it, it is always better. Another fellow suggested us an LDAP-Proxy instead (personally have never setup one). What we actually need in our case scenario, is only that service and not the rest of bells and whistles of an RODC. I just was wondering if someone had experience with what happens if one does