Quanah Gibson-Mount wrote: > All write ops (add/mod/rename/delete etc) get stored in the accesslog db. > Fallback only occurs when the change has been expired out of the accesslog > db. One of the caveats with delta-syncrepl is that partial replication based on ACLs gets much more complicated. In case of OATH-LDAP I don't want to replicate attribute 'oathSecret' to read-only consumers because it's of no use there anyway. So I have separate groups for providers and all replicas applying different ACLs to them. Defining ACLs for distinct values in accesslog's 'reqMod' attribute is not impossible but more complex. Especially I expect it's not tested with delta-syncrepl at all so far. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature