----- Original Message -----
From: "Paul B. Henson" henson@acm.org To: openldap-technical@openldap.org Sent: Wednesday, December 21, 2016 6:56:30 PM Subject: memberOf overlay issues with 2.4.44 + ITS 8432 patch
So far, I've only seem this behavior for group membership removals. Adds don't seem to cause a problem, nor do create/delete of groups or users as far as I can tell.
Any thoughts on what's going on here? It's not causing any failures yes, as removing members multiple times results in the same end state and the multiple replication seems to have a fairly low upper bound. But it would be nice to fix it :).
Looks like a bug with the memberOf overlay when it is instantiated in a delta-syncrepl environment, based on this statement from the memberOf man page:
The memberof overlay may be used with any backend that provides full read-write functionality, but it is mainly intended for use with local storage backends. The maintenance operations it performs are internal to the server on which the overlay is configured and are never replicated. Replica servers should be configured with their own instances of the memberOf overlay if it is desired to maintain these memberOf attributes on the replicas.
Probably worth adding to ITS#8444.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com