Full_Name: Ryan Tandy Version: RE24 OS: Debian URL: Submission from: (NULL) (142.31.146.2) Submitted by: ryan

jindraj in #openldap reported that in a master/slave setup, nssov on the slave updates loginStatus in the local db, not on the master. nssov should update loginStatus in a way that can be forwarded properly (possibly controlled by a conf option, similar to ppolicy_forward_updates).

The loginStatus updates also don't behave intuitively under MMR. The mod is done without opattrs, so is not immediately replicated, but it does get replicated if the entry's CSN gets updated for any other reason.

loginStatus is not an operational attribute, nor is user-modification of it prohibited. (Maybe it should be?)