https://bugs.openldap.org/show_bug.cgi?id=9205
--- Comment #1 from Ondřej Kuzník <[email protected]> --- On Tue, Apr 07, 2020 at 07:26:50AM +0000, [email protected] wrote: > Hello, > I'm doing a OpenLDAP test with a master/slave replication configuration > including ppolicy overlay. I would like to enable password change from the > slave replica with chain overlay, in order to validate the ppolicy > olcPPolicyForwardUpdates attribute to TRUE. I'm using LDAPS from slave to > master with SASL External authentication with client certificate. The client > certificate correspond to a user DN entry with "manage" rights on the master > server (the same used for the replication). This user DN has authzTo attribute > in order to match the correct PROXYAUTHZ request from its dn to user DN. > [...] > I've done a modification of test script test022-ppolicy to > test022-policy-chain > which use the same LDIF source and show the problem of modification on the > consumer not "relayed" to the supplier if a fail operation is not done before. Hi Frédéric, in your view, is this the same issue as ITS#9179? Does adding a fake binddn into the chain configuration help? -- You are receiving this mail because: You are on the CC list for the bug.
