Re: LDAP proxy cache configuration

[Howard Chu <hyc@symas.com>]

Amos Castelli wrote:
> Hi everybody,
> I have setup a ldap proxy cache (2.3.34), but somehow I cannot write into the 
> proxy database.
> When I first search into the directory, I get the following in the log file:
> slapd[450]: QUERY NOT ANSWERABLE
> slapd[450]: QUERY CACHEABLE
>
> This tells me that at least the proxyTemplate is set up correctly,
> then I run the second time the search command, and I get:
>
> slapd[518]: QUERY ANSWERABLE
>
> I suppose ldap found in the cache the search output, but I get no result.
> After searching a little bit, I also found this messages, after the first 
> search:
>
>  ==> bdb_add: uid=dummy,ou=People,dc=cscs,dc=com
> bdb_add: entry failed op attrs add: no structural object class provided (65)
> send_ldap_result: conn=2 op=1 p=3
> send_ldap_result: err=65 matched="" text="no structural object class provided"
> ENTRY ADDED/MERGED, CACHED ENTRIES=0
>
> Somehow I cannot write into the directory..

Looks like there are two problems; the server you're proxying from is 
serving entries with an invalid objectclass chain, and the slapd is 
requiring a valid structural objectclass even though the proxycache 
implicitly disables schema checking.

The latter problem was fixed in OpenLDAP 2.4. There are no plans to 
backport the fix to 2.3.
--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  Chief Architect, OpenLDAP     http://www.openldap.org/project/