slapo-syncprov on read-only consumers

21 May 2022


      HI!
Is it still highly recommended to configure slapo-syncprov on read-only 
consumers?
Background:
I have a tier of read-only consumers with "lastbind on" and 
slapo-ppolicy configured, but no chaining to the writeable providers 
(e.g. no ppolicy_forward_updates). All providers and consumers are 2.6.2.
In case of a simple bind to this read-only consumer it makes local 
modification to the user's entry (pwdFailureTime and pwdLastSuccess) and 
it's ok for me that this is local to this consumer.
But with slapo-syncprov configured on the consumer slapd generates a new 
entryCSN with server ID 0 which results in a contextCSN value with SID 
0. This is what I'd like to avoid. Hence my above question.
Ciao, Michael.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

slapo-syncprov on read-only consumers