Hi Karsten, I'll leave the questions about replication to the experts, but:
On Thu, Sep 20, 2018 at 10:29:11PM +0200, Karsten Heymann wrote:
- I've read in an older debian bug report, that changing
olcAuthRegexp requires a slapd restart in order to be effective. Is that still the case?
Yes.
I've been working on it and I think the code is working, but still need to test it more thoroughly. Should be included in OpenLDAP 2.5; the changes are a little too invasive for 2.4 at this point.
If yes, could this *please* be added to the manpage and the documentation? Pretty please?
The Debian package was patched to note this in the slapd-config(5) man page. IIRC the man page patch was rejected upstream in favour of just fixing the code.
- Is ldapwhoami supposed to also print out the result of a
authz-regexp mapping?
I believe it is, yes. (Except "instead" rather than "also", but I think that's what you meant.)
Ryan