Protecting replication topology entries

The default propagating ACLs inherited from a suffix or root entry might be inappropriate for controlling access to the replication topology entries. To protect access to all replication topology entries in the server, make sure that the ibm-slapdReplRestrictedAccess attribute value is set to true in the cn=replication,cn=configuration entry. When the ibm-slapdReplRestrictedAccess attribute is true, only an LDAP root, directory data, or replication administrator, and the master server DN for the replication context is allowed access to the replication topology entries. See Table 2 for more information about the ibm-slapdReplRestrictedAccess attribute.