Replication bind failure time stamp control

  • Name: Replication bind failure time stamp control
  • Description: Propagates bind failure time stamp values for the password policy attributes of user entries consistently between a master server and a read-only replica server.
  • Assigned object identifier: 1.3.18.0.2.10.34
  • Target of control: Server
  • Control criticality: Never critical
  • Values: Time stamp of the bind operation in string format. The value is absent on the request control. The value is a time stamp in string format for the response control. This is the time stamp of the bind operation that is used in updating password policy operational attributes on the master server.
  • Detailed description: This control is valid on a bind request that uses simple authentication. The control is used in an advanced replication environment to manage pwdFailureTime, pwdGraceUseTime, and pwdExpirationWarned consistently between a read-only replica server and a master server. Any authentication request to a read-only replica that updates password policy operational attributes in the user entry includes this control on a chained bind request to the master server. This triggers a similar update on the master during the chained bind. The bind response includes this control, and when appropriate, a time stamp value is returned representing the time stamp used on the master server in any of the appropriate operational attributes. The read-only replica server then uses the returned time stamp to ensure that the attributes are managed consistently during the operation and subsequent replication of attributes from the master server to the replica server. Use of this control requires that the 'replication of bind failure on read-only replica' feature is enabled on all servers in the advanced replication topology.
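
The wire form of the request and response controls described above, as an added example that is not part of the original documentation or any product code: it encodes the value-less request control and reads the time stamp from a response control, using the generic Control structure from RFC 4511. It assumes the control value carries the time stamp string bytes directly; the page does not specify the string's format or any further wrapping, and the function names are hypothetical.

```python
# Added example (not product code): RFC 4511 Control encoding for this control.
CONTROL_OID = "1.3.18.0.2.10.34"  # assigned object identifier from the page

def _tlv(tag: int, body: bytes) -> bytes:
    """BER tag-length-value with definite length only (RFC 4511 section 5.1)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + body

def _read(buf: bytes, pos: int):
    """Return (tag, value, next_pos) for the TLV at pos; reject truncation."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated TLV body")
    return tag, buf[pos:pos + length], pos + length

def encode_control(value=None) -> bytes:
    """Request form is value=None. criticality FALSE is the default, so it is omitted."""
    body = _tlv(0x04, CONTROL_OID.encode("ascii"))
    if value is not None:
        body += _tlv(0x04, value.encode("utf-8"))  # assumption: raw string bytes
    return _tlv(0x30, body)

def bind_failure_timestamp(control: bytes):
    """Return the master's time stamp from a response control, or None if absent."""
    tag, body, end = _read(control, 0)
    if tag != 0x30 or end != len(control):
        raise ValueError("not a single Control SEQUENCE")
    tag, oid, pos = _read(body, 0)
    if tag != 0x04 or oid.decode("ascii") != CONTROL_OID:
        raise ValueError("unexpected control type")
    value = None
    while pos < len(body):
        tag, field, pos = _read(body, pos)
        if tag == 0x01 and field != b"\x00":
            raise ValueError("control marked critical; the page says never critical")
        if tag == 0x04:
            value = field.decode("utf-8")
    return value
```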