On 31/10/2019 21:25, Martin Pittamitz wrote:
On 29/10/2019 22:33, Quanah Gibson-Mount wrote:
autogroup is probably only usable in a replicated environment where there is a single provider and it is only configured on the provider (i.e., not configured on the consumers at all) and without memberOf. I'm not sure how it behaves with delta-syncrepl (i.e., what operations it logs in the change database). It may or may not be compatible for that configuration.
I would need a way disable those overlays on the consumer, still keeping the necessary ObjectClasses and such, and in that case memberOf and autogroup would just work on the provider and their "results" are replicated to the consumer. Sadly, my understanding of OpenLDAP is lacking in that regard.
Removing autogroup and memberof overlays from the the consumer seems to have solved the problem. I will be looking out for eventual issues.
Regards Martin