Thank you very much Quanah for your response!
> Sort of. If you added the schema and then an object, the other masters > should halt replication at that point until they have a matching schema. That's interesting. > Not really, no. It does depend on the version of OpenLDAP in use, as > there > were some bugs in older OpenLDAP versions that would allow the object to > partially replicate or the object to just get skipped, which could cause > headache. But those issues were fixed. > So then best practice with tree sync is add the schema to all masters first, then an object. which would make sense. > I would say that by doing cn=config replication, you've added a wide > surface area for new issues to occur. I generally view cn=config > replication as more of a beta feature. There are still ongoing issues > being resolved and fixed for it (For example, ITS#8616 in the most recent > 2.4.47 release) Hmm... so would you recommend removing the replication of cn=config for now? Individually adding the schema to each master is feasible for us. Thank you again -Dave
