Full_Name: Paul B. Henson Version: 2.3.40 OS: Gentoo URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (134.71.248.24)

I recently installed some updates and configuration changes on one of my LDAP slaves. Replication broke mysteriously after that. The only thing logged was "slapd[30723]: do_syncrepl: rid 001 retrying (9 retries left)"

I finally figured out that the search was failing with a protocol error because derefAliases was set to always, a setting I had just added. It would be useful if replication failure provided better error messages, something in the logs indicating that a protocol error had occurred because of an invalid dereferencing setting would have saved me a lot of time.

In addition, if it is a protocol error to dereference aliases in the context of syncrepl, shouldn't the server just ignore that global configuration setting and just do the right thing?