Quanah Gibson-Mount wrote:
--On Monday, January 09, 2017 9:53 AM -0500 Beth Halsema bhalsema@purdue.edu wrote:
We have submitted OpenLDAP-ITS #8561 with a unit test and a possible patch to the ppolicy overlay.
If anyone else has run into this, we would be interested in any other work- arounds that have been used to address the issue.
I'm guessing that ppolicy is writing items that are not supposed to be replicated to the accesslog. This issue (ITS8561) and ITS8444 I think are generally similar items, in that while the accesslog is writing all write operations, replication requires that some write operations not be present in the accesslog. I'll be discussing with the other team members on how best to handle what are somewhat conflicting requirements.
IMHO non-replicated attributes should be simply ignored at the consumer-side (but still written to accesslog).
Ciao, Michael.