On 29/10/2019 22:33, Quanah Gibson-Mount wrote:
autogroup is probably only usable in a replicated environment where
there is a single provider and it is only configured on the provider
(i.e., not configured on the consumers at all) and without memberOf.
I'm not sure how it behaves with delta-syncrepl (i.e., what
operations it logs in the change database). It may or may not be
compatible for that configuration.
I would need a way disable those overlays on the consumer, still
keeping the necessary ObjectClasses and such, and in that case
memberOf and autogroup would just work on the provider and their
"results" are replicated to the consumer. Sadly, my understanding of
OpenLDAP is lacking in that regard.