Quanah Gibson-Mount wrote:
>
>
> --On Tuesday, October 03, 2006 8:49 PM -0400 Robert Petkus
> <rpetkus@bnl.gov> wrote:
>
>
>
>
>> slapcat ldifs (slapcat -n 2 -l ldap.ldif) are polluted with accesslog
>> entries that *replace* the original entries. For example, my account dn
>> won't include, say, sshPublicKey, but I'd see a reqMod entry with this
>> attribute.
>
> First, I'd make life simpler by listing the monitoring database last.
>
> Second, your slapcat by definition dumps the accesslog database, not
> your main database, since your databases are:
>
> 1: monitor
> 2: cn=changelog
> 3: dc=bnl,dc=gov
>
>
> Or at least, that's my guess, and it seems to go with what you note.
> Or, you could change your slapcat to use "-b dc=bnl,dc=gov" which
> would be more explicit. That is, of course, assuming that you want to
> dump your main DB and not the accesslog DB. ;)
Yeah it would be convenient if I was that dumb ;) , but I had tried
"-b", -n3, removing the accesslog db entries in slapd.conf and rerunning
slapcat. All with the same results -- most of the main DB with a bunch
of accesslog DB garbage. What is dogging me *so* much here is that
these are 2 distinct physical databases.
This is an example of the garbage I got yesterday from a slapcat for my
user (an illustration that some attributes are not attached to the main
DB but instead the accesslog DB, yet ldapsearchable to the main DB):
Cheers,
Robert
***********ldapsearch results*****************
# rpetkus, People, racf.bnl.gov
dn: uid=rpetkus,ou=People,dc=stuff,dc=bnl,dc=gov
uid: rpetkus
cn: Robert Petkus
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: racf
objectClass: ldapPublicKey
uidNumber: number
gidNumber: number
homeDirectory: /somewhere/rpetkus
loginShell: /bin/bash
gidNumberAtlas: number
homeDirectoryAtlas: /somewhere/rpetkus
experiment: RHIC/USATLAS
sn: rapetkus
employeeNumber: number
loginShellGateway: /bin/rbash
employeeStatus: Active
gecos: Robert Petkus
sshPublicKey: ssh-rsa
AAAAB3NzaC1yc2EAAAABIwAAAIEA36Y8jfKTKJgphUO30oaI9W5QVRUg
8+fM0FFYIkaiZUuaXBYpKaIiguUcQsy+3P+KjBTI0g1Qr3gewO20S0T4i8pDX1XasdfasdftDvNxbz3w
se4V+PPGQ/Bm4DXTjGRoMVNBABIoqWo3vYOVCvKasdfasdfId5q6oStWrNuNmpV48=
******Here is the slapcat for my user**************
dn: uid=rpetkus,ou=People,dc=racf,dc=bnl,dc=gov
uid: rpetkus
cn: Robert Petkus
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: racf
uidNumber: number
gidNumber: number
homeDirectory: /somewhere/rpetkus
loginShell: /bin/bash
gidNumberAtlas: number
homeDirectoryAtlas: /somewhere/rpetkus
experiment: RHIC/USATLAS
structuralObjectClass: inetOrgPerson
entryUUID: 689ce5e4-010f-102a-8eef-9882d4436e05
creatorsName: cn=account,dc=bnl,dc=gov
createTimestamp: 20051214170418Z
sn: rapetkus
userPassword::
employeeNumber: number
loginShellGateway: /bin/rbash
sshPublicKey: ssh-rsa
AAAAB3NzaC1yc2EAAAABIwAAAIEA36Y8jfKTKJgphUO30oaI9W5QVRUg
8+fM0FFYIkaiZUuaXBYpKaIiguUcQsy+3P+KjBTI0g1Qr3gewO20S0T4i8pDX1XZELCHtDvNxbz3w
se4V+PPGQ/Bm4DXTjGRoMVNBABIoqWo3vYOVCvKReqWx5hc9Id5q6oStWrNuNmpV48=
rpetkus@r
sec00
employeeStatus: Active
gecos: Robert Petkus 1
entryCSN: 20060906145341Z#000000#00#000000
modifiersName: cn=Manager,dc=bnl,dc=gov
modifyTimestamp: 20060906145341Z
dn: reqStart=20060920134512.000000Z,cn=changelog
objectClass: auditModify
structuralObjectClass: auditModify
reqStart: 20060920134512.000000Z
reqEnd: 20060920134512.000001Z
reqType: modify
reqSession: 423
reqAuthzID: cn=Manager,dc=bnl,dc=gov
reqDN: uid=rpetkus,ou=People,dc=racf,dc=bnl,dc=gov
reqResult: 0
reqMod: sshPublicKey:= ssh-rsa
AAAAB3NzaC1yc2EAAAABIwAAAIEA36Y8jfKTKJgphUO30oaI9W5QVRUg
8+fM0FFYIkaiZUuaXBYpKaIiguUcQsy+3P+KjBTI0g1Qr3gewO20S0T4i8pDXasdfasdftDvNxbz3w
se4V+PPGQ/Bm4DXTjGRoMVNBABIoqWo3vYOVCvKasdfasdfId5q6oStWrNuNmpV48=
reqMod: entryCSN:= 20060920134512Z#000000#00#000000
reqMod: modifiersName:= cn=account,dc=bnl,dc=gov
reqMod: modifyTimestamp:= 20060920134512Z
entryUUID: fb865d9c-dcf9-102a-8a91-e5d2e62e4f1a
creatorsName: cn=changelog
createTimestamp: 20060920134512Z
entryCSN: 20060920134512Z#000000#00#000000
modifiersName: cn=changelog
modifyTimestamp: 20060920134512Z