John Alex. wrote:
I have a provider-consumer configuration (both at version 2.4.40) where the consumer uses simple syncrepl (no delta sync). I am using the memberof overlay in the provider, and, having read the slapo-memberof manpage and ITS#7400, I made sure to exclude "memberof" from the synced attributes,
Explicitly excluding "memberof" should not be necessary with 2.4.40.
The problem occurs when a user entry is modified in any way, e.g. by changing a password, adding a description, etc. From what I understand, when a change occurs in an entry, non-delta syncrepl causes the entire entry to be resynced, not just the modified attributes. The result is that the "memberof" attributes of this entry on the consumer are removed. Is this the intended behavior?
No, this is not intended. But note that you have to run slapo-memberof on each replica since "memberof" attribute is maintained locally.
Without seeing you config it's impossible to say more. Ciao, Michael.
Description: S/MIME Cryptographic Signature