Hello.
I have some troubles setting syncrepl + back-ldap push based replication, as described on
http://www.openldap.org/doc/admin24/replication.html#LDAP Sync Replication
I'm using current stable openldap - the problem is, when I set up daemons (using the same slapcat output file) and modify e.g. "description" attribute on master side, back-ldap pushes out system attributes like entryCSN, creatorsName, etc, which causes modify operation to fail on final consumer side.
conn=1000 op=33 MOD attr=creatorsName createTimestamp description entryCSN conn=1000 op=33 RESULT tag=103 err=19 text=creatorsName: no user modification allowed
Is it some ACL-related matter, should I create some ACL, which denies to read of system attributes on master-side, to avoid replicating it with syncrepl to local back-ldap ?
In such push-based scenario ( in opposite to classic provider-consumer syncrepl), final consumer does not know actually that it is a replica, it's just receiving modify operation, how do I prevent read-only system attributes from being pushed from back-ldap to final replica?
Regards, DT