Hello.
I'm trying to follow change propagations errors using delta-synrepl in search & persist mode, by using an accesslog overlay both on master and on slaves. I've a few questions for which I didn't found answer in the documentationn.
First, I noticed than changes on the slaves seems to be written from rootdn, not from the dn declared in the syncrepl directive, which seems to be only used on the master, meaning I don't need any specific ACL on the slave. Is this correct ?
Second, I have several slaves synchronizing on the same master. From slapd.conf man page, rid is supposed to be unique in the consumer only, meaning all my slaves can safely use the same rid (easier for maintaining centralized configurations). Is this correct interpretation ?
Third, I noticed a lot of errors correction for syncrepl in openldap changelog. As I can't easily change installed versions (our policy is to stick with our distribution provided package, meaning a mix of 2.3.27 and 2.3.34), am I correct assuming 'refresh only' mode is less fragile than 'refresh & persist' mode, and than total synchronisation is also less fragile than delta synchronisation, if I need to fallback on a safer mode ?