We have determined that our initial patch resulted in an undesirable side effect (a race condition due to the "drop" code now being executed).

We are uploading a different patch. In short, the modification is limited to the replica handling in the ppolicy_modify() function in which we have changed from the use of LDAP_MOD_DELETE to SLAP_MOD_SOFTDEL.

If this is a potentially "dangerous" choice, then, please, let us know. We would prefer to wait for your official modifications, but we understand that the discussion and resolution may take a while. We needed to address the the constant syncrepl REFRESH of our large directory as it was causing operational issues.

Thank you!

------------------------------------------------------------------------- Beth A. Halsema - GSEC, GSSP-Java email:bhalsema@purdue.edu Sofware Engineer, Identity & Access Management OVPIT - IT Security and Policy 3495 Kent Avenue, Suite 100 Fax : (765) 464-2233 West Lafayette, IN 47906 Campus Mail: ROSS