ITS#9275 -- Update wording to remove slave and master terms, consolidate on provider/consumer

ANNOUNCEMENT

@@ -9,7 +9,7 @@ A N N O U N C E M E N T -- OpenLDAP 2.4
 
         * Slapd(8) enhancements
             - Syncrepl enhancements, including push-mode and
-              Multi-Master support
+              Multi-Provider support
             - Dynamic configuration enhancements, including
               online schema editing and full access control
             - Dynamic monitoring enhancements, including

CHANGES

@@ -134,7 +134,7 @@ OpenLDAP 2.4.47 Release (2018/12/19)
 	Fixed slapd-bdb/hdb/mdb to not convert certain IDLs to ranges (ITS#8868)
 	Fixed slapo-accesslog deadlock during cleanup (ITS#8752)
 	Fixed slapo-memberof cn=config modifications (ITS#8663)
-	Fixed slapo-ppolicy with multimaster replication (ITS#8927)
+	Fixed slapo-ppolicy with multi-provider replication (ITS#8927)
 	Fixed slapo-syncprov with NULL modlist (ITS#8843)
 	Build Environment
 		Added slapd reproducible build support (ITS#8928)
@@ -196,7 +196,7 @@ OpenLDAP 2.4.45 Release (2017/06/01)
 	Fixed slapd segfault with invalid hostname (ITS#8631)
 	Fixed slapd sasl SEGV rebind in same session (ITS#8568)
 	Fixed slapd syncrepl filter handling (ITS#8413)
-	Fixed slapd syncrepl infinite looping mods with delta-sync MMR (ITS#8432)
+	Fixed slapd syncrepl infinite looping mods with delta-sync MPR (ITS#8432)
 	Fixed slapd callback struct so older modules without writewait should function.
                     Custom modules may need to be updated for sc_writewait callback (ITS#8435)
 	Fixed slapd-ldap/meta broken LDAP_TAILQ macro (ITS#8576)
@@ -271,7 +271,7 @@ OpenLDAP 2.4.43 Release (2015/11/30)
 	Fixed slapd-ldap to skip client controls in ldap_back_entry_get (ITS#8244)
 	Fixed slapd-null to have an option to return a search entry (ITS#8249)
 	Fixed slapd-relay to correctly handle quoted options (ITS#8284)
-	Fixed slapo-accesslog delta-sync MMR with interrupted refresh phase (ITS#8281)
+	Fixed slapo-accesslog delta-sync MPR with interrupted refresh phase (ITS#8281)
 	Fixed slapo-dds segfault when using slapo-memberof (ITS#8133)
 	Fixed slapo-ppolicy to allow purging of stale pwdFailureTime attributes (ITS#8185)
 	Fixed slapo-ppolicy to release entry on failure (ITS#7537)
@@ -315,7 +315,7 @@ OpenLDAP 2.4.41 Release (2015/06/21)
 	Fixed slapd slapadd config db import of minimal frontend entry (ITS#8150)
 	Fixed slapd slapadd onetime leak with -w (ITS#8014)
 	Fixed slapd sasl auxprop crash with invalid config (ITS#8092)
-	Fixed slapd syncrepl delta-mmr issue with overlays and slapd.conf (ITS#7976)
+	Fixed slapd syncrepl delta-mpr issue with overlays and slapd.conf (ITS#7976)
 	Fixed slapd syncrepl mutex for cookie state (ITS#7968)
 	Fixed slapd syncrepl memory leaks (ITS#8035)
 	Fixed slapd syncrepl to free presentlist at end of refresh mode (ITS#8038)
@@ -475,7 +475,7 @@ OpenLDAP 2.4.38 Release (2013/11/16)
 	Fixed liblmdb wasted space on split (ITS#7589)
 	Fixed slapd for certs with a NULL issuerDN (ITS#7746)
 	Fixed slapd cn=config with empty nested includes (ITS#7739)
-	Fixed slapd syncrepl memory leak with delta-sync MMR (ITS#7735)
+	Fixed slapd syncrepl memory leak with delta-sync MPR (ITS#7735)
 	Fixed slapd-bdb/hdb to stop processing on dn not found (ITS#7741)
 	Fixed slapd-bdb/hdb with indexed ANDed filters (ITS#7743)
 	Fixed slapd-mdb to stop processing on dn not found (ITS#7741)
@@ -581,7 +581,7 @@ OpenLDAP 2.4.34 Release (2013/03/01)
 	Fixed liblmdb to validate data limits (ITS#7485)
 	Fixed liblmdb mdb_update_key for large keys (ITS#7505)
 	Fixed ldapmodify to not core dump with invalid LDIF (ITS#7477)
-	Fixed slapd syncrepl for old entries in MMR setup (ITS#7427)
+	Fixed slapd syncrepl for old entries in MPR setup (ITS#7427)
 	Fixed slapd signedness for index_substr_any_* (ITS#7449)
 	Fixed slapd enforce SLAPD_MAX_DAEMON_THREADS (ITS#7450)
 	Fixed slapd mutex in send_ldap_ber (ITS#6164)
@@ -598,7 +598,7 @@ OpenLDAP 2.4.34 Release (2013/03/01)
 	Fixed slapd-meta segfault when modifying olcDbUri (ITS#7526)
 	Fixed slapd-sql back-config support (ITS#7499)
 	Fixed slapo-constraint handle uri and restrict correctly (ITS#7418)
-	Fixed slapo-constraint with multi-master replication (ITS#7426)
+	Fixed slapo-constraint with multi-provider replication (ITS#7426)
 	Fixed slapo-constraint segfault (ITS#7431)
 	Fixed slapo-deref control initialization (ITS#7436)
 	Fixed slapo-deref control exposure (ITS#7445)
@@ -635,7 +635,7 @@ OpenLDAP 2.4.33 Release (2012/10/10)
 	Fixed slapd alock handling on Windows (ITS#7361)
 	Fixed slapd acl handling with zero-length values (ITS#7350)
 	Fixed slapd syncprov to not reference ops inside a lock (ITS#7172)
-	Fixed slapd delta-syncrepl MMR with large attribute values (ITS#7354)
+	Fixed slapd delta-syncrepl MPR with large attribute values (ITS#7354)
 	Fixed slapd slapd_rw_destroy function (ITS#7390)
 	Fixed slapd-ldap idassert bind handling (ITS#7403)
 	Fixed slapd-mdb slapadd -q -w double free (ITS#7356)
@@ -721,7 +721,7 @@ OpenLDAP 2.4.31 Release (2012/04/21)
 	Fixed slapd listener initialization (ITS#7233)
 	Fixed slapd cn=config with olcTLSVerifyClient (ITS#7197)
 	Fixed slapd delta-syncrepl fallback on non-leaf error (ITS#7195)
-	Fixed slapd to reject MMR setups with bad serverID setting (ITS#7200)
+	Fixed slapd to reject MPR setups with bad serverID setting (ITS#7200)
 	Fixed slapd approxIndexer key generation (ITS#7203)
 	Fixed slapd modification of olcSuffix (ITS#7205)
 	Fixed slapd schema validation with missing definitions (ITS#7224)
@@ -799,7 +799,7 @@ OpenLDAP 2.4.27 Release (2011/11/24)
 	Added slapd support for draft-wahl-ldap-session (ITS#6984)
 	Added slapadd pipelining capability (ITS#7078)
 	Added slapd Add-if-not-present (ITS#6561)
-	Added slapd delta-syncrepl MMR (ITS#6734,ITS#7029,ITS#7031)
+	Added slapd delta-syncrepl MPR (ITS#6734,ITS#7029,ITS#7031)
 	Added slapd-mdb experimental backend (ITS#7079)
 	Added slapd-passwd dynamic config support
 	Added slapd-perl dynamic config support
@@ -1083,11 +1083,11 @@ OpenLDAP 2.4.24 Release (2011/02/10)
 	Fixed slapo-syncprov filter race condition (ITS#6708)
 	Fixed slapo-syncprov active mod race (ITS#6709)
 	Fixed slapo-syncprov to refresh if context is dirty (ITS#6710)
-	Fixed slapo-syncprov CSN updates to all replicas (ITS#6718)
+	Fixed slapo-syncprov CSN updates to all consumers (ITS#6718)
 	Fixed slapo-syncprov sessionlog ordering (ITS#6716)
 	Fixed slapo-syncprov sessionlog with adds (ITS#6503)
 	Fixed slapo-syncprov mutex (ITS#6438)
-	Fixed slapo-syncprov mincsn check with MMR (ITS#6717)
+	Fixed slapo-syncprov mincsn check with MPR (ITS#6717)
 	Fixed slapo-syncprov control leak (ITS#6795)
 	Fixed slapo-syncprov error codes (ITS#6812)
 	Fixed slapo-translucent entry leak (ITS#6746)
@@ -1279,7 +1279,7 @@ OpenLDAP 2.4.20 Release (2009/11/27)
 
 OpenLDAP 2.4.19 Release (2009/10/06)
 	Fixed client tools with null timeouts (ITS#6282)
-	Fixed slapadd to warn about missing attrs for replicas (ITS#6281)
+	Fixed slapadd to warn about missing attrs for consumers (ITS#6281)
 	Fixed slapd acl cache (ITS#6287)
 	Fixed slapd tools to allow -n for conversion (ITS#6258)
 	Fixed slapd-ldap with null timeouts (ITS#6282)
@@ -1446,8 +1446,8 @@ OpenLDAP 2.4.16 Release (2009/04/05)
 	Fixed slapd schema_init freed value (ITS#6036)
 	Fixed slapd syncrepl newCookie sync messages (ITS#5972)
 	Fixed slapd syncrepl hang during shutdown (ITS#6011)
-	Fixed slapd syncrepl too many MMR messages (ITS#6020)
-	Fixed slapd syncrepl skipped entries with MMR (ITS#5988)
+	Fixed slapd syncrepl too many MPR messages (ITS#6020)
+	Fixed slapd syncrepl skipped entries with MPR (ITS#5988)
 	Fixed slapd-bdb/hdb cachesize handling (ITS#5860)
 	Fixed slapd-bdb/hdb with slapcat with empty dn (ITS#6006)
 	Fixed slapd-bdb/hdb with NULL transactions (ITS#6012)
@@ -1457,19 +1457,19 @@ OpenLDAP 2.4.16 Release (2009/04/05)
 	Fixed slapo-accesslog interaction with ppolicy (ITS#5979)
 	Fixed slapo-dynlist conversion to cn=config (ITS#6002)
 	Fixed slapo-syncprov newCookie sync messages (ITS#5972)
-	Fixed slapd-syncprov too many MMR messages (ITS#6020)
-	Fixed slapo-syncprov replica lockout (ITS#5985)
+	Fixed slapd-syncprov too many MPR messages (ITS#6020)
+	Fixed slapo-syncprov consumer lockout (ITS#5985)
 	Fixed slapo-syncprov modtarget tracking (ITS#5999)
 	Fixed slapo-syncprov multiple CSN propagation (ITS#5973)
 	Fixed slapo-syncprov race condition (ITS#6045)
 	Fixed slapo-syncprov sending cookies without CSN (ITS#6024)
-	Fixed slapo-syncprov skipped entries with MMR (ITS#5988)
+	Fixed slapo-syncprov skipped entries with MPR (ITS#5988)
 	Fixed tools passphrase free (ITS#6014)
 	Build Environment
 		Cleaned up alloc/free functions for Windows (ITS#6005)
 		Fixed running of autosave files in testsuite (ITS#6026)
 	Documentation
-		admin24 clarified MMR URI requirements (ITS#5942,ITS#5987)
+		admin24 clarified MPR URI requirements (ITS#5942,ITS#5987)
 		Added ldapexop(1) manual page (ITS#5982)
 		slapd-ldap/meta(5) added missing TLS options (ITS#5989)
 
@@ -1519,14 +1519,14 @@ OpenLDAP 2.4.14 Release (2009/02/14)
 	Fixed slapd connection assert (ITS#5835)
 	Fixed slapd epoll handling (ITS#5886)
 	Fixed slapd frontend/backend options handling (ITS#5857)
-	Fixed slapd glue with MMR (ITS#5925)
+	Fixed slapd glue with MPR (ITS#5925)
 	Fixed slapd logging on Windows (ITS#5392)
 	Fixed slapd listener comparison (ITS#5613)
 	Fixed slapd manageDSAit with glue entries (ITS#5921)
 	Fixed slapd relax behavior with structuralObjectClass (ITS#5792)
 	Fixed slapd syncrepl rename handling (ITS#5809)
-	Fixed slapd syncrepl MMR when adding new server (ITS#5850)
-	Fixed slapd syncrepl MMR with deleted entries (ITS#5843)
+	Fixed slapd syncrepl MPR when adding new server (ITS#5850)
+	Fixed slapd syncrepl MPR with deleted entries (ITS#5843)
 	Fixed slapd syncrepl replication with glued DB (ITS#5866)
 	Fixed slapd syncrepl replication with moddn (ITS#5901)
 	Fixed slapd syncrepl replication with referrals (ITS#5881)
@@ -1760,7 +1760,7 @@ OpenLDAP 2.4.11 Release (2008/07/16)
 	Fixed slapd equality rules for olcRootDN/olcSchemaDN (ITS#5540)
 	Fixed slapd sets memory leak (ITS#5557)
 	Fixed slapd sortvals binary search (ITS#5578)
-	Fixed slapd syncrepl updates with multiple masters (ITS#5597)
+	Fixed slapd syncrepl updates with multiple providers (ITS#5597)
 	Fixed slapd syncrepl superior objectClass delete/add (ITS#5600)
 	Fixed slapd syncrepl/slapo-syncprov contextCSN updates as internal ops (ITS#5596)
 	Added slapd-ldap/slapd-meta option to filter out search references (ITS#5593)
@@ -1837,7 +1837,7 @@ OpenLDAP 2.4.9 Release (2008/05/07)
 	Fixed slapd syncrepl crash on empty CSN (ITS#5432)
 	Fixed slapd syncrepl refreshAndPersist (ITS#5454)
 	Fixed slapd syncrepl modrdn processing (ITS#5397)
-	Fixed slapd syncrepl MMR partial refresh (ITS#5470)
+	Fixed slapd syncrepl MPR partial refresh (ITS#5470)
 	Fixed slapd value list termination (ITS#5450)
 	Fixed slapd/slapo-accesslog rq mutex usage (ITS#5442)
 	Fixed slapd-bdb ID_NOCACHE handling (ITS#5439)
@@ -1909,7 +1909,7 @@ OpenLDAP 2.4.8 Release (2008/02/19)
 	Fixed slapd-bdb crash with modrdn (ITS#5358)
 	Fixed slapd-bdb SEGV with bdb4.6 (ITS#5322)
 	Fixed slapd-bdb modrdn to same dn (ITS#5319)
-	Fixed slapd-bdb MMR (ITS#5332)
+	Fixed slapd-bdb MPR (ITS#5332)
 	Added slapd-bdb/slapd-hdb DB encryption (ITS#5359)
 	Fixed slapd-ldif delete (ITS#5265)
 	Fixed slapd-meta link to slapd-ldap (ITS#5355)
@@ -1946,7 +1946,7 @@ OpenLDAP 2.4.7 Release (2007/12/14)
 	Fixed slapd paged results handling when using rootdn (ITS#5230)
 	Fixed slapd syncrepl presentlist handling (ITS#5231)
 	Fixed slapd core schema 'c' definition for RFC4519 (ITS#5236)
-	Fixed slapd 3-way Multi-Master Replication (ITS#5238)
+	Fixed slapd 3-way multi-provider replication (ITS#5238)
 	Fixed slapd hash collisions in index slots (ITS#5183)
 	Fixed slapd replication of dSAOperation attributes (ITS#5268)
 	Fixed slapadd contextCSN updating (ITS#5225)

contrib/ldaptcl/ldap.n

@@ -84,8 +84,7 @@ Currently simple and kerberos-based authentication, are supported.
 To use LDAP and still have reasonable security in a networked, 
 Internet/Intranet environment, secure shell can be used to setup
 secure, encrypted connections between client machines and the LDAP
-server, and between the LDAP server and any replica or slave servers
-that might be used.
+server, and between all LDAP nodes that might be used.
 
 To perform the LDAP "bind" operation:
 

contrib/slapd-modules/lastbind/slapo-lastbind.5

@@ -60,7 +60,7 @@ attribute is updated on each successful bind operation.
 .B lastbind_forward_updates
 Specify that updates of the authTimestamp attribute
 on a consumer should be forwarded
-to a master instead of being written directly into the consumer's local
+to a provider instead of being written directly into the consumer's local
 database. This setting is only useful on a replication consumer, and
 also requires the
 .B updateref

doc/guide/admin/Makefile

@@ -69,7 +69,7 @@ sdf-img: \
 	intro_tree.png \
 	ldap-sync-refreshandpersist.png \
 	ldap-sync-refreshonly.png \
-	n-way-multi-master.png \
+	n-way-multi-provider.png \
 	push-based-complete.png \
 	push-based-standalone.png \
 	refint.png \

doc/guide/admin/config.sdf

@@ -45,9 +45,9 @@ H2: Replicated Directory Service
 slapd(8) includes support for {{LDAP Sync}}-based replication, called
 {{syncrepl}}, which may be used to maintain shadow copies of directory
 information on multiple directory servers.   In its most basic
-configuration, the {{master}} is a syncrepl provider and one or more
-{{slave}} (or {{shadow}}) are syncrepl consumers.  An example
-master-slave configuration is shown in figure 3.3. Multi-Master 
+configuration, the {{provider}} is a syncrepl provider and one or more
+{{consumer}} (or {{shadow}}) are syncrepl consumers.  An example
+provider-consumer configuration is shown in figure 3.3. Multi-Provider 
 configurations are also supported.
 
 !import "config_repl.png"; align="center"; title="Replicated Directory Services"

doc/guide/admin/intro.sdf

@@ -33,7 +33,7 @@ tuned to give quick response to high-volume lookup or search
 operations. They may have the ability to replicate information
 widely in order to increase availability and reliability, while
 reducing response time.  When directory information is replicated,
-temporary inconsistencies between the replicas may be okay, as long
+temporary inconsistencies between the consumers may be okay, as long
 as inconsistencies are resolved in a timely manner.
 
 There are many different ways to provide a directory service.
@@ -436,11 +436,11 @@ a pool of threads.  This reduces the amount of system overhead
 required while providing high performance.
 
 {{B:Replication}}: {{slapd}} can be configured to maintain shadow
-copies of directory information.  This {{single-master/multiple-slave}}
+copies of directory information.  This {{single-provider/multiple-consumer}}
 replication scheme is vital in high-volume environments where a
 single {{slapd}} installation just doesn't provide the necessary availability
 or reliability.  For extremely demanding environments where a
-single point of failure is not acceptable, {{multi-master}} replication
+single point of failure is not acceptable, {{multi-provider}} replication
 is also available.  {{slapd}} includes support for {{LDAP Sync}}-based
 replication.
 

doc/guide/admin/maintenance.sdf

@@ -159,7 +159,7 @@ type are:
 .{{S: }}
 +{{B: Start the server}}
 
-Obviously this doesn't cater for any complicated deployments like {{SECT: MirrorMode}} or {{SECT: N-Way Multi-Master}}, 
+Obviously this doesn't cater for any complicated deployments like {{SECT: MirrorMode}} or {{SECT: N-Way Multi-Provider}}, 
 but following the above sections and using either commercial support or community support should help. Also check the
 {{SECT: Troubleshooting}} section.
 

doc/guide/admin/overlays.sdf

@@ -79,7 +79,7 @@ or in raw form.
 
 It is also used for {{SECT:delta-syncrepl replication}}
 
-Note: An accesslog database is unique to a given master. It should
+Note: An accesslog database is unique to a given provider. It should
 never be replicated.
 
 H3: Access Logging Configuration
@@ -259,13 +259,13 @@ default when {{B:--enable-ldap}}.
 H3: Chaining Configuration
 
 In order to demonstrate how this overlay works, we shall discuss a typical 
-scenario which might be one master server and three Syncrepl slaves. 
+scenario which might be one provider server and three Syncrepl replicas. 
 
 On each replica, add this near the top of the {{slapd.conf}}(5) file
 (global), before any database definitions:
 
 >        overlay                    chain
->        chain-uri                  "ldap://ldapmaster.example.com"
+>        chain-uri                  "ldap://ldapprovider.example.com"
 >        chain-idassert-bind        bindmethod="simple"
 >                                   binddn="cn=Manager,dc=example,dc=com"
 >                                   credentials="<secret>" 
@@ -275,48 +275,48 @@ On each replica, add this near the top of the {{slapd.conf}}(5) file
 
 Add this below your {{syncrepl}} statement:
 
->        updateref                  "ldap://ldapmaster.example.com/"
+>        updateref                  "ldap://ldapprovider.example.com/"
 
-The {{B:chain-tls}} statement enables TLS from the slave to the ldap master. 
+The {{B:chain-tls}} statement enables TLS from the replica to the ldap provider. 
 The DITs are exactly the same between these machines, therefore whatever user 
-bound to the slave will also exist on the master. If that DN does not have 
-update privileges on the master, nothing will happen.
+bound to the replica will also exist on the provider. If that DN does not have 
+update privileges on the provider, nothing will happen.
 
-You will need to restart the slave after these {{slapd.conf}} changes.
+You will need to restart the replica after these {{slapd.conf}} changes.
 Then, if you are using {{loglevel stats}} (256), you can monitor an
-{{ldapmodify}} on the slave and the master. (If you're using {{cn=config}}
+{{ldapmodify}} on the replica and the provider. (If you're using {{cn=config}}
 no restart is required.)
 
-Now start an {{ldapmodify}} on the slave and watch the logs. You should expect 
+Now start an {{ldapmodify}} on the replica and watch the logs. You should expect 
 something like:
 
->        Sep  6 09:27:25 slave1 slapd[29274]: conn=11 fd=31 ACCEPT from IP=143.199.102.216:45181 (IP=143.199.102.216:389)
->        Sep  6 09:27:25 slave1 slapd[29274]: conn=11 op=0 STARTTLS
->        Sep  6 09:27:25 slave1 slapd[29274]: conn=11 op=0 RESULT oid= err=0 text=
->        Sep  6 09:27:25 slave1 slapd[29274]: conn=11 fd=31 TLS established tls_ssf=256 ssf=256
->        Sep  6 09:27:28 slave1 slapd[29274]: conn=11 op=1 BIND dn="uid=user1,ou=people,dc=example,dc=com" method=128
->        Sep  6 09:27:28 slave1 slapd[29274]: conn=11 op=1 BIND dn="uid=user1,ou=People,dc=example,dc=com" mech=SIMPLE ssf=0
->        Sep  6 09:27:28 slave1 slapd[29274]: conn=11 op=1 RESULT tag=97 err=0 text=
->        Sep  6 09:27:28 slave1 slapd[29274]: conn=11 op=2 MOD dn="uid=user1,ou=People,dc=example,dc=com"
->        Sep  6 09:27:28 slave1 slapd[29274]: conn=11 op=2 MOD attr=mail
->        Sep  6 09:27:28 slave1 slapd[29274]: conn=11 op=2 RESULT tag=103 err=0 text=
->        Sep  6 09:27:28 slave1 slapd[29274]: conn=11 op=3 UNBIND
->        Sep  6 09:27:28 slave1 slapd[29274]: conn=11 fd=31 closed
->        Sep  6 09:27:28 slave1 slapd[29274]: syncrepl_entry: LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_MODIFY)
->        Sep  6 09:27:28 slave1 slapd[29274]: syncrepl_entry: be_search (0)
->        Sep  6 09:27:28 slave1 slapd[29274]: syncrepl_entry: uid=user1,ou=People,dc=example,dc=com
->        Sep  6 09:27:28 slave1 slapd[29274]: syncrepl_entry: be_modify (0)
-
-And on the master you will see this:
-
->        Sep  6 09:23:57 ldapmaster slapd[2961]: conn=55902 op=3 PROXYAUTHZ dn="uid=user1,ou=people,dc=example,dc=com"
->        Sep  6 09:23:57 ldapmaster slapd[2961]: conn=55902 op=3 MOD dn="uid=user1,ou=People,dc=example,dc=com"
->        Sep  6 09:23:57 ldapmaster slapd[2961]: conn=55902 op=3 MOD attr=mail
->        Sep  6 09:23:57 ldapmaster slapd[2961]: conn=55902 op=3 RESULT tag=103 err=0 text=
-
-Note: You can clearly see the PROXYAUTHZ line on the master, indicating the 
-proper identity assertion for the update on the master. Also note the slave 
-immediately receiving the Syncrepl update from the master.
+>        Sep  6 09:27:25 replica1 slapd[29274]: conn=11 fd=31 ACCEPT from IP=143.199.102.216:45181 (IP=143.199.102.216:389)
+>        Sep  6 09:27:25 replica1 slapd[29274]: conn=11 op=0 STARTTLS
+>        Sep  6 09:27:25 replica1 slapd[29274]: conn=11 op=0 RESULT oid= err=0 text=
+>        Sep  6 09:27:25 replica1 slapd[29274]: conn=11 fd=31 TLS established tls_ssf=256 ssf=256
+>        Sep  6 09:27:28 replica1 slapd[29274]: conn=11 op=1 BIND dn="uid=user1,ou=people,dc=example,dc=com" method=128
+>        Sep  6 09:27:28 replica1 slapd[29274]: conn=11 op=1 BIND dn="uid=user1,ou=People,dc=example,dc=com" mech=SIMPLE ssf=0
+>        Sep  6 09:27:28 replica1 slapd[29274]: conn=11 op=1 RESULT tag=97 err=0 text=
+>        Sep  6 09:27:28 replica1 slapd[29274]: conn=11 op=2 MOD dn="uid=user1,ou=People,dc=example,dc=com"
+>        Sep  6 09:27:28 replica1 slapd[29274]: conn=11 op=2 MOD attr=mail
+>        Sep  6 09:27:28 replica1 slapd[29274]: conn=11 op=2 RESULT tag=103 err=0 text=
+>        Sep  6 09:27:28 replica1 slapd[29274]: conn=11 op=3 UNBIND
+>        Sep  6 09:27:28 replica1 slapd[29274]: conn=11 fd=31 closed
+>        Sep  6 09:27:28 replica1 slapd[29274]: syncrepl_entry: LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_MODIFY)
+>        Sep  6 09:27:28 replica1 slapd[29274]: syncrepl_entry: be_search (0)
+>        Sep  6 09:27:28 replica1 slapd[29274]: syncrepl_entry: uid=user1,ou=People,dc=example,dc=com
+>        Sep  6 09:27:28 replica1 slapd[29274]: syncrepl_entry: be_modify (0)
+
+And on the provider you will see this:
+
+>        Sep  6 09:23:57 ldapprovider slapd[2961]: conn=55902 op=3 PROXYAUTHZ dn="uid=user1,ou=people,dc=example,dc=com"
+>        Sep  6 09:23:57 ldapprovider slapd[2961]: conn=55902 op=3 MOD dn="uid=user1,ou=People,dc=example,dc=com"
+>        Sep  6 09:23:57 ldapprovider slapd[2961]: conn=55902 op=3 MOD attr=mail
+>        Sep  6 09:23:57 ldapprovider slapd[2961]: conn=55902 op=3 RESULT tag=103 err=0 text=
+
+Note: You can clearly see the PROXYAUTHZ line on the provider, indicating the 
+proper identity assertion for the update on the provider. Also note the replica
+immediately receiving the Syncrepl update from the provider.
 
 H3: Handling Chaining Errors
 
@@ -683,8 +683,8 @@ H2: The Proxy Cache Engine
 
 {{TERM:LDAP}} servers typically hold one or more subtrees of a
 {{TERM:DIT}}. Replica (or shadow) servers hold shadow copies of
-entries held by one or more master servers.  Changes are propagated
-from the master server to replica (slave) servers using LDAP Sync
+entries held by one or more provider servers.  Changes are propagated
+from the provider server to replica servers using LDAP Sync
 replication.  An LDAP cache is a special type of replica which holds
 entries corresponding to search filters instead of subtrees.
 

doc/guide/admin/slapdconf2.sdf

@@ -569,12 +569,12 @@ H4: olcSyncrepl
 >		[syncdata=default|accesslog|changelog]
 
 
-This directive specifies the current database as a replica of the
-master content by establishing the current {{slapd}}(8) as a
+This directive specifies the current database as a consumer of the
+provider content by establishing the current {{slapd}}(8) as a
 replication consumer site running a syncrepl replication engine.
-The master database is located at the replication provider site
-specified by the {{EX:provider}} parameter. The replica database is
-kept up-to-date with the master content using the LDAP Content
+The provider database is located at the provider site
+specified by the {{EX:provider}} parameter. The consumer database is
+kept up-to-date with the provider content using the LDAP Content
 Synchronization protocol. See {{REF:RFC4533}}
 for more information on the protocol.
 
@@ -585,19 +585,16 @@ described by the current {{EX:syncrepl}} directive. {{EX:<replica ID>}}
 is non-negative and is no more than three decimal digits in length.
 
 The {{EX:provider}} parameter specifies the replication provider site
-containing the master content as an LDAP URI. The {{EX:provider}}
+containing the provider content as an LDAP URI. The {{EX:provider}}
 parameter specifies a scheme, a host and optionally a port where the
 provider slapd instance can be found. Either a domain name or IP
 address may be used for <hostname>. Examples are
 {{EX:ldap://provider.example.com:389}} or {{EX:ldaps://192.168.1.1:636}}.
 If <port> is not given, the standard LDAP port number (389 or 636) is used.
 Note that the syncrepl uses a consumer-initiated protocol, and hence its
-specification is located at the consumer site, whereas the {{EX:replica}}
-specification is located at the provider site. {{EX:syncrepl}} and
-{{EX:replica}} directives define two independent replication
-mechanisms. They do not represent the replication peers of each other.
+specification is located on the consumer.
 
-The content of the syncrepl replica is defined using a search
+The content of the syncrepl consumer is defined using a search
 specification as its result set. The consumer slapd will
 send search requests to the provider slapd according to the search
 specification. The search specification includes {{EX:searchbase}},
@@ -620,7 +617,7 @@ synchronization operation finishes. The interval is specified
 by the {{EX:interval}} parameter. It is set to one day by default.
 In the {{EX:refreshAndPersist}} operation, a synchronization search
 remains persistent in the provider {{slapd}} instance. Further updates to the
-master replica will generate {{EX:searchResultEntry}} to the consumer slapd
+provider will generate {{EX:searchResultEntry}} to the consumer slapd
 as the search responses to the persistent synchronization search.
 
 If an error occurs during replication, the consumer will attempt to reconnect
@@ -633,8 +630,8 @@ indefinite number of retries until success.
 The schema checking can be enforced at the LDAP Sync consumer site
 by turning on the {{EX:schemachecking}} parameter.
 If it is turned on, every replicated entry will be checked for its
-