--On Friday, September 28, 2018 11:35 AM +0200 Meike Stone meike.stone@googlemail.com wrote:
That confuses me a little bit. All replication on openLDAP are based on syncreplication (slurpd is vanished a long time ago) So what kind of replication means the manual page (-> "Replica servers")?
It means that you run it in a replicated environment at your own risk. Unfortunately, there is no defined standard for the "memberOf" functionality (it's a MS hack) and so there's nothing that details how it should or shouldn't behave with replication. In general, things work fine as long as:
a) The server(s) never go into REFRESH
and
b) You never bring up a new replica with an empty database (which then does a full REFRESH)
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com