[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: syncrepl and memberof do not work well together



John Alex. wrote:
I have a provider-consumer configuration (both at version 2.4.40) where the consumer uses
simple syncrepl (no delta sync). I am using the memberof overlay in the provider, and,
having read the slapo-memberof manpage and ITS#7400, I made sure to exclude "memberof"
from the synced attributes,

Explicitly excluding "memberof" should not be necessary with 2.4.40.

The problem occurs when a user entry is modified in any way, e.g. by changing a password,
adding a description, etc. From what I understand, when a change occurs in an entry,
non-delta syncrepl causes the entire entry to be resynced, not just the modified
attributes. The result is that the "memberof" attributes of this entry on the consumer are
removed.

Is this the intended behavior?

No, this is not intended. But note that you have to run slapo-memberof on each replica since "memberof" attribute is maintained locally.

Without seeing you config it's impossible to say more.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature