Diff-files created by ldif-diff will cause replication to lose single-value attributes instead of change it.
Basically, when doing add+delete for single-value attributes, the replica will get updates if the attribute has not been modified before, but if it has been modified (regardless of method?), the replica will lose the attribute instead. Doing delete+add works fine and also changetype: replace.
Changing uidNumber and shadowLastChange (single-value ones) with add+delete will cause the replica to lose it, changing sn (which you can have multiple of) will work fine. I have not tested other attributes, but it seems to point at problems with single-value attributes.
Attached is a zip file of scripts to reproduce it, modify variables at top of do.sh and/or do-short.sh to point at two replicated servers, created according to instructions below. Also included a log file of erroneous behavior.
0* ldif's are for cleanup/init.
1* and 2* are using add+delete.
3* and 4* are using delete+add.
5* and 6* are using modify (which will only work for single-value attributes I guess).
A sequence of 00, 01, 20, 21 will lose SLC (shadowLastChange) at 21.
A sequence of 00, 01, 40, 41, 20 will lose SLC at 20.
Tried 2.4.5, 2.4.6, 2.5.0-Xpress1, 2.5.0-20121101 - all with the same result. 2.4.5 has been tried with both java7 and 1.6, the other versions with 1.6.
Two servers initialized with:
./setup -b dc=example,dc=com -w 1234 -i -n -a
and then replication enabled with:
bin/dsreplication enable --host1 itchy --port1 4444 --bindDN1 "cn=directory manager" --bindPassword1 1234 --replicationPort1 8989 --host2 scratchy --port2 4444 --bindDN2 "cn=directory manager" --bindPassword2 1234 --replicationPort2 8989 --adminUID admin --adminPassword 1234 --baseDN "dc=example,dc=com" -X -n
(where itchy and scratchy was my two test servers)