Am 2021-02-01 18:18, schrieb Quanah Gibson-Mount:
--On Monday, February 1, 2021 5:17 PM +0100 Udo Rader
<[email protected]> wrote:
OpenLDAP 2.4.47
You need to run the current release (2.4.57) to have stable
replication. Hopefully Debian has it in backports for your release. I
strongly advise reading the list of fixes made since 2.4.47.
Thanks. We've been using proxy sync-repl without any real issues for
years. Every now and then we had (and have) to fix some "glue" objects
that for no apparent reason don't get synced properly, but I am unsure
if this is the issue here.
ldapsearch shows that the consumers seem to have all the required
information, but for reasons unknown, the memberOf overlay doesn't
return all members of a group. Difficult to say if this has to do
something with our proxied sync-repl situation, but like I said, we've
seen some weird things going on when using this kind of setup.
Nevertheless, thanks for pointing out how far back debian is. If this
has indeed something to do with the outdated versions, we will switch
back to our previous FreeBSD based instances.
