Full_Name: Oleg Belykh Version: 2.4.40 OS: FreeBSD URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (37.99.40.12) We are testing latest OpenLDAP 2.4.40 with mdb (FreeBSD 10) with our custom schema and structure. Error details: request returns recursive values on some leaves. Some sensitive values replaced with '���' Please check: custom schema: # Telephone Attributes attributetype ( 1.3.6.1.4.1.4203.666.6273.2.1 NAME 'telephoneNumberAccessCode' DESC 'Access code for telephoneNumber services' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 1.3.6.1.4.1.4203.666.6273.2.2 NAME 'faxDeliveryMailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.4203.666.6273.2.3 NAME 'voiceDeliveryMailbox' DESC 'Voice Mailbox' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 1.3.6.1.4.1.4203.666.6273.2.4 NAME 'phoneGroupName' DESC 'Telephone Group Name'D0D EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) objectclass ( 1.3.6.1.4.1.4203.666.6273.2.100 NAME 'telephoneNumberAccount' DESC 'Telephone account' SUP top STRUCTURAL MUST ( telephoneNumber ) MAY ( userPassword $ telephoneNumberAccessCode $ macAddress $ faxDeliveryMailbox ) ) ldapsearch results: root@sw:/lib/ldap # ldapsearch -H 'ldapi://%2fvar%2frun%2fopenldap%2fldapi/' -W -b 'dc=���' -D 'cn=ldroot,dc=���' Enter LDAP Password: # extended LDIF # # LDAPv3 # base <dc=���> with scope subtree # filter: (objectclass=*) # requesting: ALL # # ��� dn: dc=��� objectClass: dcObject objectClass: organization objectClass: top dc: ... o: ... # accounts, ��� dn: ou=accounts,dc=��� objectClass: top objectClass: organizationalUnit ou: accounts # persons, accounts, ��� dn: ou=persons,ou=accounts,dc=��� objectClass: organizationalUnit ou: persons # kerberos, accounts, ��� dn: ou=kerberos,ou=accounts,dc=��� objectClass: organizaonalalUnit ou: kerberos # mails, accounts, ��� dn: ou=mails,ou=accounts,dc=��� objectClass: organizationalUnit ou: mails # phones, accounts, ��� dn: ou=phones,ou=accounts,dc=��� objectClass: organizationalUnit ou: phones # groups, ��� dn: ou=groups,dc=��� objectClass: top objectClass: organizationalUnit ou: groups # userGroups, groups, ��� dn: ou=userGroups,ou=groups,dc=��� objectClass: organizationalUnit ou: usergroups # phoneGroups, groups, ��� dn: ou=phoneGroups,ou=groups,dc>2E2�� objectClass: organizationalUnit ou: phonegroups # computers, ��� dn: ou=computers,dc=��� objectClass: top objectClass: organizationalUnit ou: computers # services, ��� dn: ou=services,dc=��� objectClass: top objectClass: organizationalUnit ou: services # manager, accounts, ��� dn: uid=manager,ou=accounts,dc=��� objectClass: account objectClass: simpleSecurityObject uid: manager userPassword:: ... # freeswitch, accounts, ��� dn: uid=freeswitch,ou=accounts,dc=��� objectClass: account objectClass: simpleSecurityObject uid: freeswitch userPassword:: ... # admins, userGroups, groups, ��� dn: cn=admins,ou=userGroups,ou=groups,dc=��� objectClass: posixGroup cn: admins gidNumber: 10000 description: Group account memberUid: ... # users, userGroups, groups, ��� dn: cn=users,ou=userGroups,ou=groups,dc=��� objectClass: posixGroup cn: users gidNumber: 10001 description: Group account # ..., persons, accounts, ��� dn: uid=...,ou=persons,ou=accounts,dc=2%2�� objectClass: posixAccount objectClass: top objectClass: inetOrgPerson gidNumber: 10000 givenName: ... initials: v sn: .. displayName: ... uid: ... homeDirectory: /dev/null loginShell: /bin/sh cn: ... uidNumber: 20107 userPassword:: ... telephoneNumber: 2020 ( !!!! ) # 1000, phones, accounts, ��� dn: telephoneNumber=1000,ou=phones,ou=accounts,dc=��� telephoneNumber: 1000 telephoneNumberAccessCode: 8864 objectClass: telephoneNumberAccount userPassword:: ���. # 2020, phones, accounts, ��� dn: telephoneNumber=2020,ou=phones,ou=accounts,dc=��� telephoneNumber: 2020 telephoneNumberAccessCode: 8864 objectClass: telephoneNumberAccount userPassword:: ���. # 1000, 2020, phones, accounts, ��� dn: telephoneNumber=1000,telephonumumber=2020,ou=phones,ou=accounts,dc=... telephoneNumber: 1000 telephoneNumberAccessCode: 8864 objectClass: telephoneNumberAccount userPassword:: ���. # 1000, 1000, 2020, phones, accounts, ��� dn: telephoneNumber=1000,telephoneNumber=0000,telephoneNumber=2020,ou=phones,o u=accounts,dc=��� telephoneNumber: 1000 telephoneNumberAccessCode: 8864 objectClass: telephoneNumberAccount userPassword:: ���. # 1000, 1000, 1000, 2020, phones, accounts, ��� dn: telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=1000,telephoneNu mber=2020,ou=phones,ou=accounts,dc=��� telephoneNumber: 1000 telephoneNumberAccessCode: 8864 objectClass: telephoneNumberAccount userPassword:: ���. # 1000, 1000, 1000, 1000, 2020, phones, accounts, �080� dn: telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=1000,telephoneNu mber=1000,telephoneNumber=2020,ou=phones,ou=accounts,dc=��� telephoneNumber: 1000 telephoneNumberAccessCode: 8864 objectClass: telephoneNumberAccount userPassword:: ���. # 1000, 1000, 1000% 1 1000, 1000, 2020, phones, accounts, ��� dn: telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=1000,telephoneNu mber=1000,telephoneNumber=1000,telephoneNumber=2020,ou=phones,ou=accounts,dc=... telephoneNumber: 1000 telephoneNumberAccessCode:86864 objectClass: telephoneNumberAccount userPassword:: ���. # 1000, 1000, 1000, 1000, 1000, 1000, 2020, phones, accounts, ��� dn: telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=1000,telephoneNu mber=1000,telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=2020,ou=p hones,ou=accounts,dc=��� telephoneNumber: 1000 telephoneNumberAccessCode: 8864 objectClass: telephoneNumberAccount userPassword:: ���. # 1000, 1000, 1000, 1000, 1000, 1000, 1000, 2020, phones, accounts, ��� dn: telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=1000,telephoneNu mber=1000,telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=1000,tele phoneNumber=2020,ou=phones,ou=accounts,dc=��� telephoneNumber: 1000 telephoneNumberAccessCode: 64%0 objectClass: telephoneNumberAccount userPassword:: ���. # 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 2020, phones, accounts, time. kz dn: telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=1000,telephoneNu mber=1000,telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=1000,tele phoneNumber=1000,telephoneNumber=2020,ou=phones,ou=accounts,dc=��� telephoneNumber: 1000 telephoneNumberAccessCode: 8864 objectClass: telephoneNumberAccount userPassword:: ���. # 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 2020, phones, accounts, ��� dn: telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=1000,telephoneNu mber=1000,telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=1000,tele phoneNumber=1000,telephoneNumber=1000,telephoneNumber=2020,ou=phones,ou=accou nts,dc=��� telephoneNumber: 1000 telephoneNumberAccessCode: 8864 objectClass: telephoneNumberAccount userPassword:: ���. # 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000, 1000!01000, 2020, phones, acc ounts, ��� dn: telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=1000,telephoneNu mber=1000,telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=1000,tele phoneNumber=1000,telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=20 20,ou=phones,ou=accounts,dc=��� telephoneNumber: 1000 telephoneNumberAccessCode: 8864 objectClass: telephoneNumberAccount userPassword:: ���. if you need screenshots from some ldap management utils, please mail me.
On Tue, Nov 18, 2014 at 11:47:10AM +0000, belykh.o@gmail.com wrote: > Error details: request returns recursive values on some leaves. Some sensitive > values replaced with '…' Please check: That is certainly an odd one. You are going to have to supply a lot more information before the developers will consider this a usable bug report, but before getting into that I suggest you stop the server and use slapindex to re-build all the indexes. If you have been modifying the configuration after loading data it is possible that the index data is inconsistent. Andrew -- ----------------------------------------------------------------------- | From Andrew Findlay, Skills 1st Ltd | | Consultant in large-scale systems, networks, and directory services | | http://www.skills-1st.co.uk/ +44 1628 782565 | -----------------------------------------------------------------------
belykh.o@gmail.com wrote: > Error details: request returns recursive values on some leaves. What does the slapcat output look like? Also which overlays are configured? slapo-rwm? Ciao, Michael.
Database reindexing: no effect. Overlays: overlay syncprov Same problems (recursion) with slapcat - dn: telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=2020,ou=phones ,ou=accounts,dc=... telephoneNumber: 1000 telephoneNumberAccessCode: 8864 objectClass: telephoneNumberAccount userPassword:: ... structuralObjectClass: telephoneNumberAccount entryUUID: bc8a4014-0355-1034-8cad-1351d00c5bbd creatorsName: cn=ldroot,dc=... createTimestamp: 20141118100223Z entryCSN: 20141118100223.423286Z#000000#000#000000 modifiersName: cn=ldroot,dc=... modifyTimestamp: 20141118100223Z dn: telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=1000,telephone Number=2020,ou=phones,ou=accounts,dc=... telephoneNumber: 1000 telephoneNumberAccessCode: 8864 objectClass: telephoneNumberAccount userPassword:: ... structuralObjectClass: telephoneNumberAccount entryUUID: bc8d2860-0355-1034-8cae-1351d00c5bbd creatorsName: cn=ldroot,dc=... createTimestamp: 20141118100223Z entryCSN: 20141118100223.442503Z#000000#000#000000 modifiersName: cn=ldroot,dc=... modifyTimestamp: 20141118100223Z dn: telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=1000,telephone Number=1000,telephoneNumber=2020,ou=phones,ou=accounts,dc=... telephoneNumber: 1000 telephoneNumberAccessCode: 8864 objectClass: telephoneNumberAccount userPassword:: ... structuralObjectClass: telephoneNumberAccount entryUUID: bc914c06-0355-1034-8caf-1351d00c5bbd creatorsName: cn=ldroot,dc=... createTimestamp: 20141118100223Z entryCSN: 20141118100223.469632Z#000000#000#000000 modifiersName: cn=ldroot,dc=... modifyTimestamp: 20141118100223Z dn: telephoneNumber=1000,telephoneNumber=1000,telephoneNumber=1000,telephone Number=1000,telephoneNumber=1000,telephoneNumber=2020,ou=phones,ou=accounts ,dc=... telephoneNumber: 1000 telephoneNumberAccessCode: 8864 objectClass: telephoneNumberAccount userPassword:: ... structuralObjectClass: telephoneNumberAccount entryUUID: bc9429a8-0355-1034-8cb0-1351d00c5bbd creatorsName: cn=ldroot,dc=... createTimestamp: 20141118100223Z On 18 November 2014 17:47, <openldap-its@openldap.org> wrote: > > *** THIS IS AN AUTOMATICALLY GENERATED REPLY *** > > Thanks for your report to the OpenLDAP Issue Tracking System. Your > report has been assigned the tracking number ITS#7985. > > One of our support engineers will look at your report in due course. > Note that this may take some time because our support engineers > are volunteers. They only work on OpenLDAP when they have spare > time. > > If you need to provide additional information in regards to your > issue report, you may do so by replying to this message. Note that > any mail sent to openldap-its@openldap.org with (ITS#7985) > in the subject will automatically be attached to the issue report. > > mailto:openldap-its@openldap.org?subject=(ITS#7985) > > You may follow the progress of this report by loading the following > URL in a web browser: > http://www.OpenLDAP.org/its/index.cgi?findid=7985 > > Please remember to retain your issue tracking number (ITS#7985) > on any further messages you send to us regarding this report. If > you don't then you'll just waste our time and yours because we > won't be able to properly track the report. > > Please note that the Issue Tracking System is not intended to > be used to seek help in the proper use of OpenLDAP Software. > Such requests will be closed. > > OpenLDAP Software is user supported. > http://www.OpenLDAP.org/support/ > > -------------- > Copyright 1998-2007 The OpenLDAP Foundation, All Rights Reserved. > >
belykh.o@gmail.com wrote: > Same problems (recursion) with slapcat - In this case I rather suspect something's wrong with your LDAP management client application. I'd check the slapd logs covering the period the entries were created. Ciao, Michael.
On Tue, Nov 18, 2014 at 07:48:28PM +0000, michael@stroeder.com wrote: > > Same problems (recursion) with slapcat - > > In this case I rather suspect something's wrong with your LDAP management > client application. I'd check the slapd logs covering the period the entries > were created. Good point. The critical thing to note in the slapcat output is that the entryUUID values are all different. I had missed that first time around but it clearly indicates that those entries actually exist. Andrew -- ----------------------------------------------------------------------- | From Andrew Findlay, Skills 1st Ltd | | Consultant in large-scale systems, networks, and directory services | | http://www.skills-1st.co.uk/ +44 1628 782565 | -----------------------------------------------------------------------
No useful data provided