It would be handy if plug-ins were able to perform internal updates on read-only updates, for example to maintain local state in users. Password policy cheats by being hardcoded to be allowed to write for example passwordretryCount to entries when they fail authentication.
Created attachment 413259 [details] patch proposal Adds SLAPI_OP_FLAG_BYPASS_REFERRALS flag to tell the mapping tree code to allow updates on "refer-on-update" backend.
commit 32e2b04dd1d98d96d90fdfaa3841524b3003dcdb Author: Rich Megginson <rmeggins> Date: Fri Sep 17 08:18:29 2010 -0600 add the account policy plugin and related server code, schema, and config
Do I need to test the values of the plugin attributes should get modified on the read only replicas? Please confirm with the steps.
I think you would have to set up replication with a master and a read-only replica and attempt to use account policy on the read-only replica.
I am able to set password policy on a read only replica successfully. Hence marking this as VERIFIED.