[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Weird problem to add a record




Hi David,
 
Your slapd.conf shows that your server (or at least the "o=cvf" suffix) is a replica from another one (line "updatedn" in slapd.conf). Unless you have compiled with multimaster enabled, it means that only the dname specified by the "updatedn" statement can write in your directory.
 
Your "updatedn" and "rootdn" are the same dnames, that's why you can write with the root dname. I reckon the error returned with another dname is linked to the fact that no "updateref" statement is provided to support referrals.
 
The good configuration depends on what you actually want to do with your ldap server (getting rid of the "updatedn" statement would probably solve this problem, but the resulting architecture may not be what you are expecting)
 
HTH,
 
Bruno
 
 
----- Original Message -----
Sent: Friday, January 03, 2003 5:05 PM
Subject: Weird problem to add a record

hi

im contacting you because I have a problem I can t solve.

With the rootdn account I can add my record but with another account I cant .

here is the information :

openldap-2.0.27 on a linux debian box

here is the log :

with the "dnsadminprs,ou=ldap,ou=user,o=cvf" account :

Jan  3 16:02:38 ns-cache01p slapd[27547]: daemon: read activity on 9
Jan  3 16:02:38 ns-cache01p slapd[27547]: connection_get(9)
Jan  3 16:02:38 ns-cache01p slapd[27547]: connection_get(9): got connid=0
Jan  3 16:02:38 ns-cache01p slapd[27547]: connection_read(9): checking for input on id=0
Jan  3 16:02:38 ns-cache01p slapd[27547]: ber_get_next on fd 9 failed errno=11 (Resource temporarily unavailable)
Jan  3 16:02:38 ns-cache01p slapd[27552]: do_add
Jan  3 16:02:38 ns-cache01p slapd[27547]: daemon: select: listen=6 active_threads=2 tvp=NULL
Jan  3 16:02:38 ns-cache01p slapd[27552]: do_add: ndn (AD=USR75.CVF,OU=PRS,OU=DNS,OU=SITE,O=CVF)
Jan  3 16:02:38 ns-cache01p slapd[27552]: conn=0 op=2 ADD dn="AD=USR75.CVF,OU=PRS,OU=DNS,OU=SITE,O=CVF"
Jan  3 16:02:38 ns-cache01p slapd[27552]: dn2entry_r: dn: "AD=USR75.CVF,OU=PRS,OU=DNS,OU=SITE,O=CVF"
Jan  3 16:02:38 ns-cache01p slapd[27552]: => dn2id( "AD=USR75.CVF,OU=PRS,OU=DNS,OU=SITE,O=CVF" )
Jan  3 16:02:38 ns-cache01p slapd[27552]: => ldbm_cache_open( "dn2id.dbb", 73, 600 )
Jan  3 16:02:38 ns-cache01p slapd[27552]: <= ldbm_cache_open (cache 0)
Jan  3 16:02:38 ns-cache01p slapd[27552]: <= dn2id NOID
Jan  3 16:02:38 ns-cache01p slapd[27552]: dn2entry_r: dn: "OU=PRS,OU=DNS,OU=SITE,O=CVF"
Jan  3 16:02:38 ns-cache01p slapd[27552]: => dn2id( "OU=PRS,OU=DNS,OU=SITE,O=CVF" )
Jan  3 16:02:38 ns-cache01p slapd[27552]: ====> cache_find_entry_dn2id("OU=PRS,OU=DNS,OU=SITE,O=CVF"): 13 (1 tries)
Jan  3 16:02:38 ns-cache01p slapd[27552]: <= dn2id 13 (in cache)
Jan  3 16:02:38 ns-cache01p slapd[27552]: => id2entry_r( 13 )
Jan  3 16:02:38 ns-cache01p slapd[27552]: ====> cache_find_entry_id( 13 ) "ou=prs,ou=dns,ou=site,o=cvf" (found) (1 tries)
Jan  3 16:02:38 ns-cache01p slapd[27552]: <= id2entry_r( 13 ) 0x80db920 (cache)
Jan  3 16:02:38 ns-cache01p slapd[27552]: ldbm_referrals: op=104 target="ad=usr75.cvf,ou=prs,ou=dns,ou=site,o=cvf" matched="ou=prs,ou=dns,ou=site,o=cvf"
Jan  3 16:02:38 ns-cache01p slapd[27552]: ====> cache_return_entry_r( 13 ): returned (0)
Jan  3 16:02:38 ns-cache01p slapd[27552]: send_ldap_result: conn=0 op=2 p=2
Jan  3 16:02:38 ns-cache01p slapd[27552]: send_ldap_result: 10::
Jan  3 16:02:38 ns-cache01p slapd[27552]: send_ldap_response: msgid=3 tag=105 err=32
Jan  3 16:02:38 ns-cache01p slapd[27547]: daemon: activity on 1 descriptors
Jan  3 16:02:38 ns-cache01p slapd[27547]: daemon: activity on:
Jan  3 16:02:38 ns-cache01p slapd[27547]:  9r
Jan  3 16:02:38 ns-cache01p slapd[27547]:

with rootdn account :

Jan  3 16:06:03 ns-cache01p slapd[27547]: daemon: read activity on 9
Jan  3 16:06:03 ns-cache01p slapd[27547]: connection_get(9)
Jan  3 16:06:03 ns-cache01p slapd[27547]: connection_get(9): got connid=1
Jan  3 16:06:03 ns-cache01p slapd[27547]: connection_read(9): checking for input on id=1
Jan  3 16:06:03 ns-cache01p slapd[27554]: do_add
Jan  3 16:06:03 ns-cache01p slapd[27554]: do_add: ndn (AD=USR75.CVF,OU=PRS,OU=DNS,OU=SITE,O=CVF)
Jan  3 16:06:03 ns-cache01p slapd[27554]: conn=1 op=2 ADD dn="AD=USR75.CVF,OU=PRS,OU=DNS,OU=SITE,O=CVF"
Jan  3 16:06:03 ns-cache01p slapd[27554]: dn2entry_r: dn: "AD=USR75.CVF,OU=PRS,OU=DNS,OU=SITE,O=CVF"
Jan  3 16:06:03 ns-cache01p slapd[27547]: ber_get_next on fd 9 failed errno=11 (Resource temporarily unavailable)
Jan  3 16:06:03 ns-cache01p slapd[27554]: => dn2id( "AD=USR75.CVF,OU=PRS,OU=DNS,OU=SITE,O=CVF" )
Jan  3 16:06:03 ns-cache01p slapd[27554]: => ldbm_cache_open( "dn2id.dbb", 73, 600 )
Jan  3 16:06:03 ns-cache01p slapd[27554]: <= ldbm_cache_open (cache 0)
Jan  3 16:06:03 ns-cache01p slapd[27554]: <= dn2id NOID
Jan  3 16:06:03 ns-cache01p slapd[27554]: dn2entry_r: dn: "OU=PRS,OU=DNS,OU=SITE,O=CVF"
Jan  3 16:06:03 ns-cache01p slapd[27554]: => dn2id( "OU=PRS,OU=DNS,OU=SITE,O=CVF" )
Jan  3 16:06:03 ns-cache01p slapd[27554]: ====> cache_find_entry_dn2id("OU=PRS,OU=DNS,OU=SITE,O=CVF"): 13 (1 tries)
Jan  3 16:06:03 ns-cache01p slapd[27554]: <= dn2id 13 (in cache)
Jan  3 16:06:03 ns-cache01p slapd[27554]: => id2entry_r( 13 )
Jan  3 16:06:03 ns-cache01p slapd[27554]: ====> cache_find_entry_id( 13 ) "ou=prs,ou=dns,ou=site,o=cvf" (found) (1 tries)
Jan  3 16:06:03 ns-cache01p slapd[27554]: <= id2entry_r( 13 ) 0x80db920 (cache)
Jan  3 16:06:03 ns-cache01p slapd[27554]: ldbm_referrals: op=104 target="ad=usr75.cvf,ou=prs,ou=dns,ou=site,o=cvf" matched="ou=prs,ou=dns,ou=site,o=cvf"
Jan  3 16:06:03 ns-cache01p slapd[27554]: ====> cache_return_entry_r( 13 ): returned (0)
Jan  3 16:06:03 ns-cache01p slapd[27554]: ==> ldbm_back_add: ad=usr75.cvf,ou=prs,ou=dns,ou=site,o=cvf
Jan  3 16:06:03 ns-cache01p slapd[27554]: => dn2id( "AD=USR75.CVF,OU=PRS,OU=DNS,OU=SITE,O=CVF" )
Jan  3 16:06:03 ns-cache01p slapd[27554]: => ldbm_cache_open( "dn2id.dbb", 73, 600 )
Jan  3 16:06:03 ns-cache01p slapd[27554]: <= ldbm_cache_open (cache 0)
Jan  3 16:06:03 ns-cache01p slapd[27554]: <= dn2id NOID
Jan  3 16:06:03 ns-cache01p slapd[27554]: oc_check_required entry (ad=usr75.cvf,ou=prs,ou=dns,ou=site,o=cvf), objectClass "domainRelatedObject"
Jan  3 16:06:03 ns-cache01p slapd[27554]: oc_check_allowed type "objectClass"
Jan  3 16:06:03 ns-cache01p slapd[27554]: oc_check_allowed type "associatedDomain"
Jan  3 16:06:03 ns-cache01p slapd[27547]: daemon: select: listen=6 active_threads=1 tvp=NULL
Jan  3 16:06:03 ns-cache01p slapd[27554]: dn2entry_w: dn: "OU=PRS,OU=DNS,OU=SITE,O=CVF"
Jan  3 16:06:03 ns-cache01p slapd[27554]: => dn2id( "OU=PRS,OU=DNS,OU=SITE,O=CVF" )
Jan  3 16:06:03 ns-cache01p slapd[27554]: ====> cache_find_entry_dn2id("OU=PRS,OU=DNS,OU=SITE,O=CVF"): 13 (1 tries)
Jan  3 16:06:03 ns-cache01p slapd[27554]: <= dn2id 13 (in cache)
Jan  3 16:06:03 ns-cache01p slapd[27554]: => id2entry_w( 13 )
Jan  3 16:06:03 ns-cache01p slapd[27554]: ====> cache_find_entry_id( 13 ) "ou=prs,ou=dns,ou=site,o=cvf" (found) (1 tries)
Jan  3 16:06:03 ns-cache01p slapd[27554]: <= id2entry_w( 13 ) 0x80db920 (cache)
Jan  3 16:06:03 ns-cache01p slapd[27554]: => access_allowed: write access to "ou=prs,ou=dns,ou=site,o=cvf" "children" requested
Jan  3 16:06:03 ns-cache01p slapd[27554]: <= root access granted
Jan  3 16:06:03 ns-cache01p slapd[27554]: => ldbm_cache_open( "nextid.dbb", 73, 600 )
Jan  3 16:06:03 ns-cache01p slapd[27554]: <= ldbm_cache_open (cache 2)
Jan  3 16:06:03 ns-cache01p slapd[27554]: => index_entry_add( 18, "ad=usr75.cvf,ou=prs,ou=dns,ou=site,o=cvf" )
Jan  3 16:06:03 ns-cache01p slapd[27554]: => ldbm_cache_open( "objectClass.dbb", 73, 600 )
Jan  3 16:06:03 ns-cache01p slapd[27554]: <= ldbm_cache_open (cache 3)
Jan  3 16:06:03 ns-cache01p slapd[27554]: => key_change(ADD,12)
Jan  3 16:06:03 ns-cache01p slapd[27554]: <= key_change 0
Jan  3 16:06:03 ns-cache01p slapd[27554]: <= index_entry_add( 18, "ad=usr75.cvf,ou=prs,ou=dns,ou=site,o=cvf" ) success
Jan  3 16:06:03 ns-cache01p slapd[27554]: => dn2id_add( "AD=USR75.CVF,OU=PRS,OU=DNS,OU=SITE,O=CVF", 18 )
Jan  3 16:06:03 ns-cache01p slapd[27554]: => ldbm_cache_open( "dn2id.dbb", 73, 600 )
Jan  3 16:06:03 ns-cache01p slapd[27554]: <= ldbm_cache_open (cache 0)
Jan  3 16:06:03 ns-cache01p slapd[27554]: <= dn2id_add 0
Jan  3 16:06:03 ns-cache01p slapd[27554]: => id2entry_add( 18, "ad=usr75.cvf,ou=prs,ou=dns,ou=site,o=cvf" )
Jan  3 16:06:03 ns-cache01p slapd[27554]: => ldbm_cache_open( "id2entry.dbb", 73, 600 )
Jan  3 16:06:03 ns-cache01p slapd[27554]: <= ldbm_cache_open (cache 1)
Jan  3 16:06:03 ns-cache01p slapd[27554]: <= id2entry_add 0
Jan  3 16:06:03 ns-cache01p slapd[27554]: send_ldap_result: conn=1 op=2 p=2
Jan  3 16:06:03 ns-cache01p slapd[27554]: send_ldap_result: 0::
Jan  3 16:06:03 ns-cache01p slapd[27554]: send_ldap_response: msgid=3 tag=105 err=0
Jan  3 16:06:03 ns-cache01p slapd[27554]: conn=1 op=2 RESULT tag=105 err=0 text=
Jan  3 16:06:03 ns-cache01p slapd[27554]: ====> cache_return_entry_w( 13 ): returned (0)
Jan  3 16:06:03 ns-cache01p slapd[27554]: ====> cache_return_entry_w( 18 ): created (0)
Jan  3 16:06:03 ns-cache01p slapd[27547]: daemon: activity on 1 descriptors
Jan  3 16:06:03 ns-cache01p slapd[27547]: daemon: activity on:


Some part of my slapd.conf :

defaultaccess none

access to attr=userpassword
    by self read
    by anonymous auth
    by * none

access to dn="ou=prs,ou=dns,ou=site,o=cvf"
        by dn="ou=dnsadminprs,ou=ldap,ou=user,o=cvf" write
        by dn="ou=exploitprs,ou=ldap,ou=user,o=cvf" read

access to dn="ou=prs,ou=dns,ou=domain,o=cvf"
        by dn="ou=dnsadminprs,ou=ldap,ou=user,o=cvf" write
        by dn="ou=exploitprs,ou=ldap,ou=user,o=cvf" read

access to *
        by dn="ou=exploitprs,ou=ldap,ou=user,o=cvf" read

database        ldbm
rootdn          "ou=replicator,ou=ldap,ou=user,o=cvf"
updatedn        "ou=replicator,ou=ldap,ou=user,o=cvf"
suffix          "o=cvf"
directory       /usr/local/stow/openldap-2.0.27/var/openldap-ldbm

replica host=ns-cache01b.int75.cvf:389
        binddn="ou=replicator,ou=ldap,ou=user,o=cvf"
        bindmethod=simple credentials=meuh
        suffix="ou=prs,ou=dns,ou=site,o=cvf"
        suffix="ou=prs,ou=dns,ou=domain,o=cvf"


thanks in advance