selective replication in 2.1

["Mike Denka" <mdenk@whidbey.net>]

I recently upgraded from 2.0.25 to 2.1.8 mostly to take advantage of the
selective replication feature available only in the 2.1 version of
openldap.  I am able to nicely exclude certain attributes from the
master to a slave using the "attr !=" syntax described in the slapd.conf
man page.  But the man page states that I can also include or exclude
not only attributes but also objectclasses in the same fashion.
However, when I use this directive to exclude an object class from a
replication entry from master to slave, no object classes are replicated
to the slave and, therefore, the update fails.  For example:

Let's figure a hypothetical entry whose object classes are
inetOrgPerson, posixAccount, and, say, a user created auxiliary object
class.  So there are three object classes, one of which is structural,
in a class of entries on the master.

Consider a partial replica statement in the slapd.conf file on the
master with the following:

Replica host=slave.example.org
. .
attr!=userPassword,organization

In this case, an update to the slave of a new or modified entry contains
all three objectclasses and all attributes in the updated or new entry
EXCEPT for the attributes userPassword and organization.

However, using this partial replica statement on the master in the
slapd.conf file:

Replica host=slave.example.org
. .
attr!=posixAccount 

results in an update to the slave containing attributes from the
inetOrgPerson and the user created object class but no attributes from
the posixAccount - just what I'd expect.  The problem is that NO
objectclasses for the entry are included in the entry sent to the slave.
Just attributes.  Since there are no objectclasses included in the
replicated entry, the slave will, of course, refuse to accept it.

Any ideas?

Thanks,

Mike