Hello I installed a new openldap replica (openldap-servers-2.4.23-20.el6.i686) , with a partial replication enabled by restricting certain branches/attributes to the binddn account that replicate from the master. However, on some operation (modify userPassword for example) the modification fails:
Mar 22 17:51:20 ldapz2 slapd[24456]: No structuralObjectClass for entry (uid=bde,ou=People,dc=int-evry,dc=fr) Mar 22 17:51:20 ldapz2 slapd[24456]: entry failed schema check: no structuralObjectClass operational attribute Mar 22 17:51:20 ldapz2 slapd[24456]: null_callback : error code 0x50 Mar 22 17:51:20 ldapz2 slapd[24456]: syncrepl_entry: rid=001 be_modify failed (80) Mar 22 17:51:20 ldapz2 slapd[24456]: do_syncrepl: rid=001 rc 80 retrying (9 retries left)
what's wrong ? could it be related to the fact that the binddn account cannot read all attributes from the master ? I did checked that he can read userpassword attribute though . is there an ACL to be set to hte replica binddn account to allow him to read operational attributes ?
thanks for your help.