On Thu, Jun 28, 2012 at 2:09 AM, Todd Stein <todd.stein@openx.org> wrote:

Hi,

I have a provider server and five consumer servers, all of which have the memberOf overlay configured:

overlay memberof
memberof-group-oc groupOfUniqueNames
memberof-member-ad uniqueMember
memberof-refint true
memberof-dangling ignore

syncrepl rid=005
  provider=ldap://<server>:389
  type=refreshAndPersist
  interval=00:00:05:00
  retry="60 10 600 +"
  searchbase="dc=<removed>,dc=<removed>"
  filter="(objectClass=*)"
  scope=sub
  attrs="*"
  schemachecking=off
  starttls=no
  bindmethod=simple
  binddn="cn=replica,dc=<removed>,dc=<removed>"
  credentials=<removed>

When I bring a new replica online, it appears that entries are replicated in the order that they were created on the provider server, which produces many "memberof_value_modify failed err=32" messages in the log, and incomplete memberOf data. To get around this, I wrote a script which empties all groups prior to replication, and then recreates the memberships after the initial replication. This seems to work, but is hardly ideal. Is there a "more correct" way of replicating memberOf values without manipulating my provider each time I bring up a new consumer?

I'm facing the same problem with OpenLDAP 2.4.33. Does anyone have any idea on how to deal with this problem?
Thanks in advance
Marco
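
Added example, not part of either post and not OpenLDAP project code: one way to check a consumer for the incomplete memberOf data described in the thread is to export it to LDIF (for instance with slapcat), recompute the expected memberOf values from the uniqueMember attributes of groupOfUniqueNames entries, and compare them with what is stored. The sample LDIF and its DNs are constructed, and the parser assumes no base64-encoded values and compares DNs by simple lowercasing.

```python
from collections import defaultdict

# Constructed sample of a consumer export: alice lacks her memberOf value.
SAMPLE_LDIF = """\
dn: uid=alice,ou=people,dc=example,dc=com
objectClass: inetOrgPerson

dn: uid=bob,ou=people,dc=example,dc=com
objectClass: inetOrgPerson
memberOf: cn=admins,ou=groups,dc=example,dc=com

dn: cn=admins,ou=groups,dc=example,dc=com
objectClass: groupOfUniqueNames
uniqueMember: uid=alice,ou=people,dc=example,dc=com
uniqueMember: uid=bob,ou=people,dc=example,dc=com
"""

def parse_ldif(text):
    """Return {lowercased dn: {lowercased attr: [values]}}; unfolds wrapped lines."""
    entries = {}
    for block in text.replace("\n ", "").split("\n\n"):
        attrs = defaultdict(list)
        for line in block.splitlines():
            if ": " in line and not line.startswith("#"):
                name, value = line.split(": ", 1)
                attrs[name.lower()].append(value.strip())
        if attrs.get("dn"):
            entries[attrs["dn"][0].lower()] = attrs
    return entries

def memberof_gaps(entries):
    """Map each member DN to the group DNs missing from its stored memberOf."""
    expected = defaultdict(set)
    for dn, attrs in entries.items():
        if "groupofuniquenames" in (oc.lower() for oc in attrs["objectclass"]):
            for member in attrs["uniquemember"]:
                expected[member.lower()].add(dn)
    gaps = {}
    for member, groups in expected.items():
        if member not in entries:
            continue  # dangling member; the posted config uses memberof-dangling ignore
        missing = groups - {g.lower() for g in entries[member]["memberof"]}
        if missing:
            gaps[member] = sorted(missing)
    return gaps

if __name__ == "__main__":
    for dn, groups in memberof_gaps(parse_ldif(SAMPLE_LDIF)).items():
        print(dn, "is missing memberOf:", ", ".join(groups))
```

An empty result means every uniqueMember value in the export has a matching memberOf value on the member entry.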