Hi, we've got 2.0.0-M16 with patches for DIRSERVER-1971 backported (to be able to have access control and replication) set up on two servers with circular replication (A->B, B->A).
We're also running with password policies, specifically we require users to change their passwords after they've been reset by an administrator, which seems governed by the attribute pwdReset on the user's object. After resetting the password, pwdReset: TRUE is set on the user object and that seems to replicate correctly to the other server. When the user changes the password, pwdReset is removed from the user object - but that attribute removal doesn't replicate. My first suspicion was that it was somehow related to pwdReset not being part of any objectClass for the object (along the lines of "it only needs to check for possible attributes that may have gone missing"), but I tried making a new objectClass (with MAY pwdReset) and apply it to my account without seeing any improvement. I haven't noticed any interesting errors in the logs running with log4j.logger.org.apache.directory.server.PROVIDER_LOG=DEBUG log4j.logger.org.apache.directory.server.CONSUMER_LOG=DEBUG is there any other part that may produce more interesting logs for this or does anyone have other suggestions? regards, /Pontus
