Hello Quanah, Thanks for clarification.
> > That confuses me a little bit. > > All replication on openLDAP are based on syncreplication (slurpd is > > vanished a long time ago) > > So what kind of replication means the manual page (-> "Replica servers")? > > It means that you run it in a replicated environment at your own risk. > Unfortunately, there is no defined standard for the "memberOf" > functionality (it's a MS hack) and so there's nothing that details how it > should or shouldn't behave with replication. In general, things work fine > as long as: > > a) The server(s) never go into REFRESH > and > b) You never bring up a new replica with an empty database (which then does > a full REFRESH) That means, if I run in mirrormode, I can turn on the memberOf overlay on the active openLDAP server and off on the slave. Then REFESH ist supported?! In emegency case (hardware error) I can make the mirror (manual) aktive an turn the overlay on?! Thanks Meike