Re: ldap: Operation not allowed on nonleaf (ITS#3006)

christian.geissler@firestorm.ch wrote:
> Full_Name: Christian Geissler
> Version: 2.0.11-73
> OS: SuSE Linux Enterprise Server
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (
> Hello.
> I've got the SUSE RPM with the version: openldap2 ver. 2.0.11-73. I think
> the
> Openldap Directory is broken. Is there any chance to repair the openldap
> database?
> I can't remove a user. I got this Error Message:  ldap: Operation not
> allowed on nonleaf. What means the slapd server?
> Can you help me?

You're using a very, very, very old and outdated version
of OpenLDAP; it's not been supported for months, if not years,
so there is really no chance that if the problem is in the
software if will get fixed any time.  You should, as a minimum,
switch to current 2.1 releases, or better to 2.2.

In any case, the message means that you can't remove an entry
because it has leaves (in other words, children), and OpenLDAP
does not support this type of operation, i.e. deletion of entire
branches.  You need to delete the leaves first.  If your entry
doesn't have anly leaves, the problem is somewhere else, but,
as I wrote before, it is very unlikely it'll be fixed, since 2.0
is unsupported.


