[Date Prev][Date Next] [Chronological] [Thread] [Top]

Delete the root entry of a DIT (mdb as backend)

To: openldap-technical@openldap.org
Subject: Delete the root entry of a DIT (mdb as backend)
From: Hongfu Huang <hongfu.huang@adnovum.ch>
Date: Mon, 19 Jun 2017 14:35:28 +0200
Dkim-filter: OpenDKIM Filter v2.11.0 mx1.adnovum.ch 62785A02CD
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=adnovum.ch; s=adn; t=1497875732; bh=GtpPvru9GdLfmuwIhrjhTXBLFs3icEJGOWIgAVIrpTw=; h=To:From:Subject:Date:From; b=GQYchGkqQpSj4i70kCDWJtzz2gtL+8iiNi7s06aFIwNaFST8ECM+Q7Anxgqjtf0Kq 1AAV2futYTUgZYq7hdopmlBoBS2XtR6iEhNaSBmSEKhyMB6IPIRro82wtfbrqozPGx KPvhUsGZUoUjvSVLYZqgUyU0NAPRQadJ+MEGol0w=
Organization: AdNovum Informatik AG
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0

Hi all,

I have defined a DIT (LMDB) as follows:

dn: olcDatabase={3}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {3}mdb
olcDbDirectory: /var/lib/ldap/mycompany/o=mycompany
olcSuffix: o=mycompany
olcRootDN: uid=admin,ou=system
olcAccess: {0}to attrs=userPassword,shadowLastChange by
  dn="uid=admin,ou=system" write by anonymous auth by self write by * none
olcAccess: {1}to * by dn="uid=admin,ou=system" write by * none
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcSyncUseSubentry: FALSE
olcMonitoring: TRUE
olcDbEnvFlags: writemap
olcDbEnvFlags: nometasync
olcDbNoSync: FALSE
olcDbIndex: objectClass pres,eq
olcDbIndex: cn pres,eq,sub
olcDbIndex: uid pres,eq,sub
olcDbIndex: uidNumber pres,eq
olcDbIndex: gidNumber pres,eq
olcDbIndex: mail pres,eq,sub
olcDbIndex: ou pres,eq,sub
olcDbIndex: sn pres,eq,sub
olcDbIndex: givenName pres,eq,sub
olcDbIndex: loginShell pres,eq
olcDbIndex: memberUid pres,eq,sub
olcDbIndex: nisMapName pres,eq,sub
olcDbIndex: nisMapEntry pres,eq,sub
olcDbMaxReaders: 0
olcDbMaxSize: 4294967296
olcDbMode: 0600
olcDbSearchStack: 16

I can add the root entry as:

dn: o=mycompany
objectClass: organization
objectClass: top
o: mycompany

And I can also add and delete sub-entries under o=mycompany. But I cannot delete the root entry o=mycompany, even there is no sub-entry below it.

Please no that the rootdn (uid=admin,ou=system) is not under the subffix(o=mycompany), that is why no rootPW is defined for this DIT. The rootDNand rootPW are defined in the second DIT (in BDB)


The weird thing was that I could search and found it:

ldapsearch -x -D uid=admin,ou=system -w XXXXXXXXX -Hldap://localhost:389 -b o=mycompany

# extended LDIF
#
# LDAPv3
# base <o=cornerbank> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# mycompany
dn: o=mycompany
o: mycompany
objectClass: organization
objectClass: top

# search result
search: 2
result: 0 Success

But it would fail if I tried to delete it:

$ ldapdelete -x -D uid=admin,ou=system -w XXXXXXXXX -Hldap://localhost:389 o=mycompany
ldap_delete: No such object (32)
32

In the other words, I could import the whole DIT for o=mycompany, butcould not delete the whole DIT (the root entry o=mycompany could not bedeleted). Does somebody know how to solve this problem? Thanks!


Regards

--
Hongfu Huang, Senior System Integrator
M.Sc. Computer Science

AdNovum Informatik AG
Roentgenstrasse 22, 8005 Zurich, Switzerland
phone +41 44 272 6111, direct +41 44 270 5266
hongfu.huang@adnovum.ch, www.adnovum.ch

Locations: Zurich (HQ), Bern, Lausanne, Budapest, Ho Chi Minh City, Singapore

Follow-Ups:
- Re: Delete the root entry of a DIT (mdb as backend)
  - From: Martin Stejskal <mstejskal@alps.cz>

Prev by Date: Re: mdb_dbi_open and threads
Next by Date: Limit which database is reachable on which port (slapd is listening on)?
Index(es):
- Chronological
- Thread