[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: JDNI allows non-schema changes (ITS#2151)

At 09:50 AM 2002-10-25, Quanah Gibson-Mount wrote:
>Output from slapd with debugging at 65535 has been uploaded to the ftp server, named output.2151-1
>Output from an ldapsearch on a correct entry, and the bad entry, has been uploaded to the ftp server, named output.2151-2.
>As you can see from the 2 entries, the objectclasses are missing on the entry created by JNDI.  Note that this was done on Openldap 2.1.8.

According to first log, the client did provide an objectClass
value of suPerson for the entry. According to the second log,
ldapsearch(1) obtained this value for the entry.  I don't
see anything wrong here.

>--On Wednesday, October 23, 2002 5:35 PM -0700 "Kurt D. Zeilenga" <Kurt@OpenLDAP.org> wrote:
>>Please provide a log of the LDAP Add message sent.
>>This can be collected by enabling detail logging
>>in slapd(8) or using tcpdump(8) or similar tools.
>>At 02:27 PM 2002-10-23, quanah@stanford.edu wrote:
>>>Full_Name: Quanah Gibson-Mount
>>>Version: 2.1.5
>>>OS: Solaris 8
>>>URL: ftp://ftp.openldap.org/incoming/
>>>Submission from: (NULL) (
>>>System setup:
>>>cyrus-sasl 2.1.7
>>>Berkeley DB 4.0.14 + Openldap suggested patches
>>>Kerberos5 1.2.1
>>>Openldap 2.1.5
>>>Openssl 0.9.6g
>>>OS: Solaris 8
>>>When using JNDI to connect to the master directory server, we are able
>>>to add entries without any objectclasses using jndi
>>>-no complaints or errors and the entry is searchable ...just doesn't have
>>>any objectclasses lists.
>>>schemachecking is on and is very strict about doing this on the
>Quanah Gibson-Mount
>Senior Systems Administrator
>ITSS/TSS/Computing Systems
>Stanford University
>GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html