At 05:00 PM 12/23/2006, Howard Chu wrote:
Kurt D. Zeilenga wrote:
It might be more appropriate to handle this issue on the
consumer than the provider. An arbitrary LDAP sync client
might want this and other DSA specific attributes included
in the content. That is, the provider should not assume
the consumer is doing server-to-server replication.
True. The problem was that the auditContext attribute wasn't defined on the consumer. There's no obvious way to configure a consumer to exclude unknown attributes,
Personally, I think this kind of problem is better solved by
configuration then by code. Configuration wise, this can be
addressed on either consumer side via a narrower attrs list,
or on the provider side with an ACL.