[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
2.4.18 refint getting "no such attribute" in bdb_modify_internal with removal; works with rename
- To: openldap-technical@openldap.org
- Subject: 2.4.18 refint getting "no such attribute" in bdb_modify_internal with removal; works with rename
- From: Andreas Hasenack <panlinux@gmail.com>
- Date: Sat, 17 Oct 2009 10:03:43 -0300
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :from:date:message-id:subject:to:content-type :content-transfer-encoding; bh=QDfwas6IpmVu4140J/j3eU8oxb3NxnicVyu4Gg+vsNI=; b=su8st30401d1gE3sIDA5Lzw++oCNZU1B71cWE+7eUx/0o2I3+pRC4TZu+LVZa8wKsI ULIjvnyyMAdeFW8IELhs9Mz2Z8bobQT9aRB+3oVfLZbuywNRPlOBPjnia5B+LcPxPWLH 50upKf4i1ekU+uoCDHgVT9mQx8cj/zFDzK+4A=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type:content-transfer-encoding; b=UtUTrkfbFX4eSGTGThUzpZl9kbGS7O5FwSb2ATdd+K2JoQt71yl2NCGzwa87X/BUTB 879eKJ223NraPyQDVOlM463UW+wMJ/hwD/dvxGoHtL1W5WN/0N8JzSseXTrHX0mPUeOt dKESi9VQQz9dEEz389DrHS6HOIPOCYZVegGGU=
- In-reply-to: <8e4dbfa80910071326mac98b56nca7acc3b9f22fa5@mail.gmail.com>
- References: <8e4dbfa80910071326mac98b56nca7acc3b9f22fa5@mail.gmail.com>
Hi,
I'm using the refint overlay with a few attributes, but I can't get it
to work with krbPwdPolicyReference from MIT kerberos 1.7. I get the
error from the subject when deleting the entry this attribute
references.
If, however, I *rename* the entry, the krbPwdPolicyReference attribute
gets updated correctly. It seems to fail only when I remove the entry.
This is the config:
dn: olcOverlay={1}refint,olcDatabase={1}hdb,cn=config
objectClass: olcRefintConfig
objectClass: olcOverlayConfig
objectClass: olcConfig
objectClass: top
olcOverlay: {1}refint
olcRefintAttribute: krbObjectReferences
olcRefintAttribute: member
olcRefintAttribute: krbPwdPolicyReference
olcRefintNothing: cn=localroot,cn=config
This is the entry which has the attribute pointing to the entry I will
remove (some attributes omitted for brevity):
dn: krbPrincipalName=andreas@EXAMPLE.COM,cn=EXAMPLE.COM,ou=Kerberos Realms,dc=
example,dc=com
krbPrincipalName: andreas@EXAMPLE.COM
objectClass: krbPrincipal
objectClass: krbPrincipalAux
objectClass: krbTicketPolicyAux
krbObjectReferences: uid=andreas,ou=people,dc=example,dc=com
krbPwdPolicyReference: cn=default,cn=EXAMPLE.COM,ou=Kerberos Realms,dc=example
,dc=com
This is the entry I'm deleting. I would expect the
krbPwdPolicyReference attribute from my entry above to be deleted. If
I rename this cn=default, then krbPwdPolicyReference gets updated
correctly.
dn: cn=default,cn=EXAMPLE.COM,ou=Kerberos Realms,dc=example,dc=com
cn: default
objectClass: krbPwdPolicy
krbMaxPwdLife: 36000
krbMinPwdLife: 0
krbPwdMinDiffChars: 1
krbPwdMinLength: 1
krbPwdHistoryLength: 1
These are the relevant logs (level 16383):
Oct 7 16:55:33 maestro slapd[6381]: refint_search_cb <NOTHING>
Oct 7 16:55:33 maestro slapd[6381]: ==> unique_modify
<krbPrincipalName=andreas@EXAMPLE.COM,cn=EXAMPLE.COM,ou=Kerberos
Realms,dc=example,dc=com>
Oct 7 16:55:33 maestro slapd[6381]: => bdb_entry_get: ndn:
"krbPrincipalName=andreas@EXAMPLE.COM,cn=example.com,ou=kerberos
realms,dc=example,dc=com"
Oct 7 16:55:33 maestro slapd[6381]: => bdb_entry_get: oc: "(null)",
at: "(null)"
Oct 7 16:55:33 maestro slapd[6381]:
bdb_dn2entry("krbPrincipalName=andreas@EXAMPLE.COM,cn=example.com,ou=kerberos
realms,dc=example,dc=com")
Oct 7 16:55:33 maestro slapd[6381]: => bdb_entry_get: found entry:
"krbPrincipalName=andreas@EXAMPLE.COM,cn=example.com,ou=kerberos
realms,dc=example,dc=com"
Oct 7 16:55:33 maestro slapd[6381]: bdb_entry_get: rc=0
Oct 7 16:55:33 maestro slapd[6381]: => bdb_entry_get: ndn:
"krbPrincipalName=andreas@EXAMPLE.COM,cn=example.com,ou=kerberos
realms,dc=example,dc=com"
Oct 7 16:55:33 maestro slapd[6381]: => bdb_entry_get: oc: "(null)",
at: "(null)"
Oct 7 16:55:33 maestro slapd[6381]:
bdb_dn2entry("krbPrincipalName=andreas@EXAMPLE.COM,cn=example.com,ou=kerberos
realms,dc=example,dc=com")
Oct 7 16:55:33 maestro slapd[6381]: => bdb_entry_get: found entry:
"krbPrincipalName=andreas@EXAMPLE.COM,cn=example.com,ou=kerberos
realms,dc=example,dc=com"
Oct 7 16:55:33 maestro slapd[6381]: bdb_entry_get: rc=0
Oct 7 16:55:33 maestro slapd[6381]: => bdb_entry_get: ndn:
"cn=default,ou=password policies,dc=example,dc=com"
Oct 7 16:55:33 maestro slapd[6381]: => bdb_entry_get: oc: "(null)",
at: "(null)"
Oct 7 16:55:33 maestro slapd[6381]:
bdb_dn2entry("cn=default,ou=password policies,dc=example,dc=com")
Oct 7 16:55:33 maestro slapd[6381]: => bdb_entry_get: found entry:
"cn=default,ou=password policies,dc=example,dc=com"
Oct 7 16:55:33 maestro slapd[6381]: bdb_entry_get: rc=0
Oct 7 16:55:33 maestro slapd[6381]: hdb_modify:
krbPrincipalName=andreas@EXAMPLE.COM,cn=EXAMPLE.COM,ou=Kerberos
Realms,dc=example,dc=com
Oct 7 16:55:33 maestro slapd[6381]:
bdb_dn2entry("krbPrincipalName=andreas@EXAMPLE.COM,cn=example.com,ou=kerberos
realms,dc=example,dc=com")
Oct 7 16:55:33 maestro slapd[6381]: bdb_modify_internal: 0x00000042:
krbPrincipalName=andreas@EXAMPLE.COM,cn=EXAMPLE.COM,ou=Kerberos
Realms,dc=example,dc=com
Oct 7 16:55:33 maestro slapd[6381]: <= acl_access_allowed: granted to
database root
Oct 7 16:55:33 maestro slapd[6381]: bdb_modify_internal: delete
krbPwdPolicyReference
Oct 7 16:55:33 maestro slapd[6381]: dnMatch
0#012#011"cn=default,cn=example.com,ou=kerberos
realms,dc=example,dc=com"#012#011"cn=default,cn=example.com,ou=kerberos
realms,dc=example,dc=com"
Oct 7 16:55:33 maestro slapd[6381]: bdb_modify_internal: replace modifiersName
Oct 7 16:55:33 maestro slapd[6381]: bdb_modify_internal: delete
krbPwdPolicyReference
Oct 7 16:55:33 maestro slapd[6381]: bdb_modify_internal: 16
modify/delete: krbPwdPolicyReference: no such attribute
Oct 7 16:55:33 maestro slapd[6381]: hdb_modify: modify failed (16)
Oct 7 16:55:33 maestro slapd[6381]: send_ldap_result: conn=-1 op=0 p=0
Oct 7 16:55:33 maestro slapd[6381]: send_ldap_result: err=16
matched="" text="modify/delete: krbPwdPolicyReference: no such
attribute"
Oct 7 16:55:33 maestro slapd[6381]: refint_repair: dependent modify failed: 16
Any hints?