Issue 101 - schemacheck
Summary: schemacheck
Status: VERIFIED FIXED
Alias: None
Product: OpenLDAP
Classification: Unclassified
Component: slapd (show other issues)
Version: unspecified
Hardware: All All
: --- normal
Target Milestone: ---
Assignee: OpenLDAP project
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 1999-03-15 09:28 UTC by luc.verschraegen@rug.ac.be
Modified: 2014-08-01 21:06 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.
Description luc.verschraegen@rug.ac.be 1999-03-15 09:28:27 UTC 
Full_Name: Verschraegen Luc
Version: 1.2
OS: Solaris 2.6
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (157.193.44.22)


 When entering data to an LDAP repository with 'schemacheck on', missing
required attributes produce an expectable: 

     ldap_add: Object class violation

 It is however no problem to add information about attributes which are
not 'required' nor 'optional', this means that although entrys will
contain all the required attributes the repository will get contaminated
with unwanted data,
 

 A second problem IMHO is the fact that it is possible to add
objectclasses that do not exist in the schema, I understand that the
objectclass attribute which is declared as required can occur more than
once, I would expect however that one way or the other the added
objectclasses could be checked against the schema,


# ------------------ trivial example ------------------------------- #

slapd.conf:

schemacheck     on

objectclass top
 requires
  objectClass

objectclass organization
 requires
  objectClass,
  o

objectclass person
 requires
  objectClass,
  cn,
  sn

#######################################################################
# ldbm database definitions
#######################################################################

database        ldbm
suffix          "o=rug.ac.be, c=be"
directory       /var/tmp/ldap
rootdn          "cn=root, o=rug.ac.be, c=be"input-file:

o=rug.ac.be, c=be
o=rug

cn=root, o=rug.ac.be, c=be
cn=root
sn=root
objectclass=person

cn=llll, o=rug.ac.be, c=be
cn=Verschraegen Luc
cn=Luc
nickname=Luc                               <<
sn=Verschraegen
objectclass=blabla                         <<
objectclass=brol                           <<



# ---------------------------------------------------------------- #

ldapadd:

ldapadd -D "cn=root, o=rug.ac.be, c=be" -w blabla -f ~/ldap/ldap.add 

adding new entry o=rug.ac.be, c=be

adding new entry cn=root, o=rug.ac.be, c=be

adding new entry cn=llll, o=rug.ac.be, c=be


# ---------------------------------------------------------------- #
ldapsearch:

ldapsearch -b 'o=rug.ac.be, c=be' 'objectclass=*'

cn=root, o=rug.ac.be, c=be
cn=root
sn=root
objectclass=person

cn=llll, o=rug.ac.be, c=be
cn=Verschraegen Luc
cn=Luc
nickname=Luc
sn=Verschraegen
objectclass=blabla
objectclass=brol

# ---------------------------------------------------------------- #

rootpw          blabla



# ---------------------------------------------------------------- #
Comment 1 Kurt Zeilenga 1999-03-26 18:54:40 UTC 
moved from Incoming to Software Bugs
Comment 2 Kurt Zeilenga 1999-07-23 17:39:21 UTC 
We fixed a couple of schema bugs in 1.2.4.  You might give it (or
OPENLDAP_REL_ENG_1_2) a spin.
Comment 3 Kurt Zeilenga 1999-07-29 21:55:18 UTC 
changed notes
changed state Open to Closed
Comment 4 OpenLDAP project 2014-08-01 21:06:52 UTC 
Believed fixed in 1.2.4.