https://bugs.openldap.org/show_bug.cgi?id=9863
--- Comment #4 from Quanah Gibson-Mount quanah@openldap.org --- Enabling this feature in a replicated environment is extremely dangerous as it will cause the consumers to either (a) update a CSN that may not currently be in use causing them to be out of sync with the providers, (b) update a CSN that is in use causing it to be out of sync with the providers, or (c) create a brand new CSN in their local database, causing them to have a mismatch with the providers. None of these situations is good.
In my non-prod environment, this is the CSNs on the providers:
contextCSN: 20220613043332.710038Z#000000#00a#000000 contextCSN: 20220613063348.624161Z#000000#014#000000 contextCSN: 20220613063341.429488Z#000000#01e#000000
On the consumers where I enabled lastbind, we have:
contextCSN: 20220613062500.129913Z#000000#001#000000 contextCSN: 20220613043332.710038Z#000000#00a#000000 contextCSN: 20220613063348.624161Z#000000#014#000000 contextCSN: 20220613063341.429488Z#000000#01e#000000
The #001# CSN was generated by lastbind. So now the consumers have mismatched cookies in comparison to the provider nodes.