<quote who="Chris G. Sellers"> > Ok, I did find part of my error. It was not explicitly named in the > syncrepl statement. I added pwdChangedTime and pwdHistory to the > syncrepl attrs line and it does sync them now -- but only if they > already exist. The account does not have a pwdChangedTime, and you > change the password on servera, serverb does not get the attribute > populated. I will have to monitor the logs to see. > > Thanks for making me think different about the problem. > > > --line changed -- > > attrs > = > "*,structuralObjectClass > ,entryUUID > ,entryCSN > ,creatorsName > ,createTimestamp,modifiersName,modifyTimestamp,pwdPolicySubentry" > >
Why not just leave it as default: "The attrs list defaults to "*,+" to return all user and operational attributes, and attrsonly is unset by default." -- Kind Regards, Gavin Henry. OpenLDAP Engineering Team. E [EMAIL PROTECTED] Community developed LDAP software. http://www.openldap.org/project/
