refint overlay doesn't work as expected
Hi
I'm using refint and memberof overlays.
The refint overlay doesn't work as expected - it doesn't modify one entry:
uid=admin,ou=Users,dc=domain.local (which is a member of
cn=webers,ou=Groups,dc=domain.local - see dump.ldif attachment).
Changing the memberof-dangling option in the memberof overlay doesn't help.
If I turn off the memberof overlay or move this entry to the end of dump.ldif
file (after cn=webers,ou=Groups,dc=domain.local) then the refint overlay
works as needed.
Can somebody retest it or say where I'm wrong?
Steps to reproduce:
1) stop slapd
2) copy the files (slapd.conf, bsl.schema, dump.ldif) from the attachment to
the appropriate places. Correct the paths (include, directory) in the slapd.conf
file.
3) rm -rf /path/to/openldap-data/*
4) slapadd -l dump.ldif
5) chown -R ldapd:ldapd openldap-data
(use your own ldap user)
6) start slapd
7) test #1:
$ ldapsearch -LLL -D cn=manager -w 1 -b "" '(cn=webers)' member
dn: cn=webers,ou=Groups,dc=domain.local
member: uid=admin,ou=Users,dc=domain.local
member: uid=u1,ou=Users,dc=domain.local
$ ldapsearch -LLL -D cn=manager -w 1 -b "" '(uid=*)' memberOf
dn: uid=admin,ou=Users,dc=domain.local
memberOf: cn=webers,ou=Groups,dc=domain.local
dn: uid=u1,ou=Users,dc=domain.local
memberOf: cn=webers,ou=Groups,dc=domain.local
All OK.
8) now rename dc=domain.local:
$ ldapmodrdn -r -D cn=manager -w 1 dc=domain.local dc=example.org -v
ldap_initialize( <DEFAULT> )
Renaming "dc=domain.local"
new rdn="dc=example.org" (delete old rdn)
Rename Result: Success (0)
9) check #2:
$ ldapsearch -LLL -D cn=manager -w 1 -b "" '(cn=webers)' member
dn: cn=webers,ou=Groups,dc=example.org
member: uid=admin,ou=Users,dc=example.org
member: uid=u1,ou=Users,dc=example.org
$ ldapsearch -LLL -D cn=manager -w 1 -b "" '(uid=*)' memberOf modifiersName
dn: uid=admin,ou=Users,dc=example.org
memberOf: cn=webers,ou=Groups,dc=domain.local
memberOf: cn=webers,ou=Groups,dc=example.org
modifiersName: cn=Manager
dn: uid=u1,ou=Users,dc=example.org
memberOf: cn=webers,ou=Groups,dc=example.org
modifiersName: cn=Referential Integrity Overlay
Error: the refint overlay didn't update the uid=admin entry: the stale memberOf value under dc=domain.local is still present.
--
Regards,
Sergei Butakov
# slapd.conf for the reproduction: one hdb database with the memberof and
# refint overlays stacked on it. The settings below suit a throwaway test
# instance only.
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
# Local schema from the attachment; it defines x-bsl-groupOfNames, which the
# memberof overlay is pointed at below.
include /etc/openldap/schema/bsl.schema
# Global ACL: every identity, anonymous binds included, gets write access to
# every entry and attribute (userPassword too). A real deployment needs
# per-attribute rules instead of this line.
access to * by * write
database hdb
# Empty suffix: this single database holds the whole tree, which matches the
# -b "" searches in the reproduction steps.
suffix ""
rootdn "cn=Manager"
# Cleartext, one-character rootdn password. rootpw also accepts a hashed
# value such as the {SSHA} output of slappasswd.
rootpw 1
directory /srv/ldap/openldap-data
# memberof overlay: maintains memberOf on the entries named in the "member"
# attribute of x-bsl-groupOfNames groups.
overlay memberof
memberof-group-oc x-bsl-groupOfNames
memberof-member-ad member
# Asks the memberof overlay to try to preserve referential integrity itself.
memberof-refint true
# refint overlay: rewrites the listed DN-valued attributes when the entry
# they reference is renamed or deleted.
# NOTE(review): with memberof-refint true and refint_attributes covering
# member and memberOf, two overlays maintain the same attributes. The report
# sees the stale memberOf value only when both are enabled; the interaction
# is to be confirmed. It matters where clients authorize on memberOf, since
# the leftover value names a group DN that no longer exists.
overlay refint
refint_attributes member memberOf
# Default index type is equality.
index default eq
# OID macros. bslOID sits under the IANA private-enterprise arc 1.3.6.1.4.1;
# the remaining macros are built on it, so "objectClass" expands to
# 1.3.6.1.4.1.33904.1.2 and "attributeType" to 1.3.6.1.4.1.33904.1.1.
objectIdentifier bslOID 1.3.6.1.4.1.33904
objectIdentifier LDAP bslOID:1
objectIdentifier attributeType LDAP:1
objectIdentifier objectClass LDAP:2
##############################################################################
##############################################################################
#
# objectClasses
#
##############################################################################
#
# differences from the objectClass groupOfNames:
# - 'AUXILIARY' type
# - 'member' attribute is not obligatory
#
# The definition below uses the macro form objectClass:1, i.e.
# 1.3.6.1.4.1.33904.1.2.1. Only cn is required; member is optional, so a
# group entry may carry no members at all.
# NOTE(review): as rendered here the continuation lines of the definition
# have no leading whitespace; slapd.conf-style files treat only lines that
# begin with whitespace as continuations - confirm against the original
# attachment before loading it.
objectClass (
objectClass:1
NAME 'x-bsl-groupOfNames'
DESC 'a group of names (DNs)'
SUP top
AUXILIARY
MUST ( cn )
MAY ( member $ businessCategory $ seeAlso $ owner $ ou $ o $ description )
)
dn: dc=domain.local
objectClass: organization
objectClass: dcObject
o: MY_COMPANY
structuralObjectClass: organization
entryUUID: 33a10208-0af2-43c2-83df-0755901434c9
creatorsName: cn=manager
createTimestamp: 20100128205952Z
dc: domain.local
entryCSN: 20100130043900.638049Z#000000#000#000000
modifiersName: cn=manager
modifyTimestamp: 20100130043900Z
dn: ou=Users,dc=domain.local
ou: Users
objectClass: top
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: 32c0413e-2d83-4790-9a02-3f2b9c86b84c
creatorsName: cn=Manager
createTimestamp: 20100116174212Z
entryCSN: 20100128205953.292954Z#000000#000#000000
modifiersName: cn=manager
modifyTimestamp: 20100128205953Z
dn: ou=Groups,dc=domain.local
ou: Groups
objectClass: top
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: 89a3de14-994b-4b54-8f5d-e187030338f4
creatorsName: cn=Manager
createTimestamp: 20100116174212Z
entryCSN: 20100128205953.413960Z#000000#000#000000
modifiersName: cn=manager
modifyTimestamp: 20100128205953Z
dn: cn=Domain Admins,ou=Groups,dc=domain.local
objectClass: top
objectClass: posixGroup
objectClass: x-bsl-groupOfNames
gidNumber: 512
cn: Domain Admins
structuralObjectClass: posixGroup
entryUUID: 8629f2e9-23ae-49ab-b6dc-a5058bc14816
creatorsName: cn=Manager
createTimestamp: 20100116174212Z
modifiersName: cn=Manager
entryCSN: 20100130032044.443110Z#000000#000#000000
modifyTimestamp: 20100130032044Z
dn: cn=Domain Users,ou=Groups,dc=domain.local
objectClass: top
objectClass: posixGroup
objectClass: x-bsl-groupOfNames
gidNumber: 513
cn: Domain Users
structuralObjectClass: posixGroup
entryUUID: da789091-b34c-4567-9400-6efa6839edd4
creatorsName: cn=Manager
createTimestamp: 20100116174212Z
modifiersName: cn=Manager
entryCSN: 20100130032050.309252Z#000000#000#000000
modifyTimestamp: 20100130032050Z
dn: cn=Domain Guests,ou=Groups,dc=domain.local
objectClass: top
objectClass: posixGroup
objectClass: x-bsl-groupOfNames
gidNumber: 514
cn: Domain Guests
structuralObjectClass: posixGroup
entryUUID: 21cf1c41-613d-4462-9b9c-46a9a4411dd9
creatorsName: cn=Manager
createTimestamp: 20100116174212Z
entryCSN: 20100128205954.289482Z#000000#000#000000
modifiersName: cn=bsl,o=_DSA
modifyTimestamp: 20100128205954Z
# The entry the report is about. In this dump it comes before
# cn=webers,ou=Groups,dc=domain.local, the group it belongs to; the report
# states that moving it after that group makes refint behave as expected.
dn: uid=admin,ou=Users,dc=domain.local
uid: admin
cn: admin
sn: admin
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
uidNumber: 10000
gidNumber: 998
homeDirectory: /home/admin
loginShell: /bin/false
gecos: Web Administrator
structuralObjectClass: inetOrgPerson
entryUUID: 97ca1749-5ee2-45fc-b6ff-3ca7acec4014
creatorsName: cn=Manager
createTimestamp: 20100116174212Z
# "::" marks a base64 value; it decodes to a string starting with {SSHA},
# i.e. a salted SHA-1 password hash. A hash posted in a public dump can be
# guessed offline, so a reproduction dump should carry throwaway credentials.
userPassword:: e1NTSEF9OTN5eFJ2UGh0WjdQOTl3eWVhNEUxOVIxRnFqV0JyUWc=
# The value that remains unchanged after the rename in check #2.
memberOf: cn=webers,ou=Groups,dc=domain.local
modifiersName: cn=Manager
entryCSN: 20100130043900.653211Z#000000#000#000000
modifyTimestamp: 20100130043900Z
dn: cn=wheel,ou=Groups,dc=domain.local
cn: wheel
objectClass: top
objectClass: posixGroup
objectClass: x-bsl-groupOfNames
gidNumber: 999
structuralObjectClass: posixGroup
entryUUID: ab726123-d2e9-4982-b783-70e31f805bde
creatorsName: cn=Manager
createTimestamp: 20100116174212Z
modifiersName: cn=Manager
entryCSN: 20100130032050.309252Z#000000#000#000000
modifyTimestamp: 20100130032050Z
dn: cn=webers,ou=Groups,dc=domain.local
cn: webers
objectClass: top
objectClass: posixGroup
objectClass: x-bsl-groupOfNames
gidNumber: 998
structuralObjectClass: posixGroup
entryUUID: 25957d5b-81b9-4124-aece-7014713528c4
creatorsName: cn=Manager
createTimestamp: 20100116174212Z
member: uid=admin,ou=Users,dc=domain.local
member: uid=u1,ou=Users,dc=domain.local
modifiersName: cn=Referential Integrity Overlay
entryCSN: 20100130043900.653211Z#000000#000#000000
modifyTimestamp: 20100130043900Z
# Second member of cn=webers. It follows the group entry in this dump, and
# it is the entry that refint does update in check #2.
dn: uid=u1,ou=Users,dc=domain.local
cn: u1
uidNumber: 10002
gecos: User's account
uid: u1
homeDirectory: /home/u1
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
structuralObjectClass: inetOrgPerson
entryUUID: fa217daf-ee7d-4035-bc79-7b3d60544993
creatorsName: cn=bsl,o=_DSA
createTimestamp: 20100116181822Z
gidNumber: 513
# Base64 value that decodes to a string starting with {SSHA} (salted SHA-1
# hash); use throwaway credentials in dumps that are shared publicly.
userPassword:: e1NTSEF9ejF1RFplaXpZd3U1ajZ3TUJobk91M0t4ZWYvRnZpSzg=
sn: u1
loginShell: /bin/false
displayName: u1
memberOf: cn=webers,ou=Groups,dc=domain.local
# Last writer recorded in the dump is the refint overlay, not cn=Manager.
modifiersName: cn=Referential Integrity Overlay
entryCSN: 20100130043900.648154Z#000000#000#000000
modifyTimestamp: 20100130043900Z