[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#8149) nssov loginStatus doesn't play well with replication



Full_Name: Ryan Tandy
Version: RE24
OS: Debian
URL: 
Submission from: (NULL) (142.31.146.2)
Submitted by: ryan


jindraj in #openldap reported that in a master/slave setup, nssov on the slave
updates loginStatus in the local db, not on the master. nssov should update
loginStatus in a way that can be forwarded properly (possibly controlled by a
conf option, similar to ppolicy_forward_updates).

The loginStatus updates also don't behave intuitively under MMR. The mod is done
without opattrs, so is not immediately replicated, but it does get replicated if
the entry's CSN gets updated for any other reason.

loginStatus is not an operational attribute, nor is user-modification of it
prohibited. (Maybe it should be?)