I got past the connection issue I was having in a previous post but now am having a policy issue. In the creation transform, the default policy for the LDAP driver has a ruled named "User Required Attributes" that will veto if the operational attribute CN is not available. My trace shows that is the policy that is vetoing the operation. I did a trace output message right before that rule and the CN is indeed empty but I don't know why. The object I am testing with definitely has a CN attribute. I can disable the rule but then I get the same issue with the nspmDistributionPassword. I checked the filter and the schema mapping. They are mapped and set to synchronize in the filter properly by default. I don't know why this default policy doesn't seem to be working. I'm just trying to set up basic replication to openLDAP. Any suggestions?