[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#5609) slapo-constraint with typ 'uri' rejects valid attribute values
ando@sys-net.it wrote:
> michael@stroeder.com wrote:
>> First this raises the question what to do if filters are not valid in
>> configuration. I'd prefer if slapo-constraint would cause invalidFilter
>> with an appropriate diagnosticMessage pointing to slapo-constraint
>> configuration to be returned instead of silently assuming the attribute
>> value is wrong.
>
> AFAIK, an invalid filter in the configuration would prevent slapd from
> starting, although right now checks are not that tight.
ldap:///ou=Departments,ou=schulung,dc=stroeder,dc=local?ou?one?(objectClass=organizationalUnit))
obviously contains an invalid filter. But slapd starts without complaining.
>> Still it does not work for me. The filter seems to be ok now and returns
>> the correct search result. But still the attribute value "Abteilung 1"
>> is not accepted.
>
> Can you provide the filter, the relevant data (or an excerpt of it) and
> the operation you're trying to perform?
I could provide a complete canned config in a personal e-mail if you want.
Just for the ITS:
---------------------- excerpt slapd.conf ----------------------
overlay constraint
constraint_attribute gender regex ^[0129]?$
constraint_attribute departmentNumber uri
ldap:///ou=Departments,ou=schulung,dc=stroeder,dc=local?ou?one?(objectClass=organizationalUnit)
constraint_attribute manager uri
ldap:///ou=Managers,ou=schulung,dc=stroeder,dc=local?entryDN?one?(objectClass=inetOrgPerson)
---------------------- entry to be modified ----------------------
dn: cn=Michael Stroeder,ou=People,ou=schulung,dc=stroeder,dc=local
cn: Michael Stroeder
givenName: Michael
hasSubordinates: FALSE
objectClass: inetOrgPerson
sn: Stroeder
---------------------- modification operation ----------------------
dn: cn=Michael Stroeder,ou=People,ou=schulung,dc=stroeder,dc=local
changetype: modify
add: departmentNumber
departmentNumber: Abteilung 1
-
---------------------- departments ----------------------
dn: ou=Departments,ou=schulung,dc=stroeder,dc=local
objectClass: organizationalUnit
ou: Departments
dn: ou=Abteilung 1,ou=Departments,ou=schulung,dc=stroeder,dc=local
objectClass: organizationalUnit
ou: Abteilung 1
dn: ou=Abteilung 2,ou=Departments,ou=schulung,dc=stroeder,dc=local
objectClass: organizationalUnit
ou: Abteilung 2
--------------------------------------------------------------
Ciao, Michael