Hi!

 

Some time ago U had replaced a password policy, and it was quite sme work to replace all occurrences.

So I thought reint cul help. I configured:

 

dn: olcOverlay={4}refint,olcDatabase={1}mdb,cn=config

objectClass: olcOverlayConfig

objectClass: olcRefintConfig

olcRefintAttribute: member

olcRefintAttribute: pwdPolicySubentry

olcOverlay: {4}refint

 

And I did apply a test rename of the policy used by many users. I got no error from the modify, but slapd said many times:

slapd[28826]: ppolicy_get: policy subentry cn=pp-default-2024-05x,…,dc=de missing or invalid at 'pwdPolicySubentry', no policy will be applied!

 

Shouldn’t refint have fixed those entries, or is there something special about password policy?

The other thing I had noticed was that the MMR consumer did not complain at all, and it even looks as if the update wasn’t sent.

 

Did anybody try this before?

 

When I checked for the member attribute by deleting a user, all members containing that user were removed, however.

I see “modifiersName: cn=Referential Integrity Overlay”, too.

Same is true for a rename.

 

Kind regards,

Ulrich Windl