[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#5924) [backend config] modify rdn on a backend entry will cause bad renaming of all subentries when retrieving by ldapsearch

To: openldap-its@OpenLDAP.org
Subject: (ITS#5924) [backend config] modify rdn on a backend entry will cause bad renaming of all subentries when retrieving by ldapsearch
From: tchemineau@linagora.com
Date: Thu, 5 Feb 2009 17:05:24 GMT

Full_Name: Thomas Chemineau
Version: OPENLDAP_REL_ENG_2_4
OS: CentOS 5.2 64 bits
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (213.41.243.192)



Renaming an entry of a configugred OpenLDAP backend causes bad renaming of its
subentries and all subentries of all other backends, when retrieving them by a
simple LDAP search.

For example, suppose you have these configuration into slapd.conf :

8<--------
database        bdb
suffix          "o=1"
directory       /usr/local/openldap-2.4/var/openldap-data-1
overlay rwm
rwm-suffixmassage o=1 dc=1

database        bdb
suffix          "o=2"
overlay         glue
rootdn          "cn=Directory Manager,o=2"
rootpw          secret
directory       /usr/local/openldap-2.4/var/openldap-data-2

database        bdb
suffix          "o=3"
rootdn          "cn=Directory Manager,o=3"
rootpw          secret
directory       /usr/local/openldap-2.4/var/openldap-data-3
8<--------

When you convert slapd.conf to slapd.d (backend config), then you should obtain
something like the following (slapcat -b cn=config -F ...) :

8<--------
[...]
dn: olcDatabase={-1}frontend,cn=config
[...]
dn: olcDatabase={0}config,cn=config
[...]
dn: olcDatabase={1}monitor,cn=config
[...]
dn: olcDatabase={2}bdb,cn=config
olcSuffix: o=1
[...]
dn: olcOverlay={0}rwm,olcDatabase={2}bdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcRwmConfig
olcOverlay: {0}rwm
olcRwmRewrite: {0}rwm-suffixmassage "o=1" "dc=1"
olcRwmTFSupport: false
olcRwmNormalizeMapped: FALSE

dn: olcDatabase={3}bdb,cn=config
olcSuffix: o=2
[...]
dn: olcOverlay={0}glue,olcDatabase={3}bdb,cn=config
objectClass: olcOverlayConfig
olcOverlay: {0}glue

dn: olcDatabase={4}bdb,cn=config
olcSuffix: o=3
[...]
8<--------

Now, for some reason, you want to rename olcDatabase={2}bdb,cn=config into
olcDatabase={3}bdb,cn=config (to invert declaration for example). This operation
works successfully but causes all subentries DN to be rename improperly. You
obtain someting like the following via ldapsearch (not via slapcat) :

8<--------

[...]
dn: olcDatabase={-1}frontend,cn=config
[...]
dn: olcDatabase={0}config,cn=config
[...]
dn: olcDatabase={1}monitor,cn=config
[...]
dn: olcDatabase={2}bdb,cn=config
olcSuffix: o=2
[...]
dn:: IHFbGSxvbGNEYXRhYmFzZT17Mn1iZGIsY249Y29uZmlnAGJkYixjbj1jb25maWc=
objectClass: olcOverlayConfig
olcOverlay: {0}glue
[...]
dn: olcDatabase={3}bdb,cn=config
olcSuffix: o=1
[...]
dn:: LG9sY0RhdGFiYXNlPXszfWJkYixjbj1jb25maWcAezJ9YmRiLGNuPWNvbmZpZw==
objectClass: olcOverlayConfig
objectClass: olcRwmConfig
olcOverlay: {0}rwm
olcRwmRewrite: {0}rwm-suffixmassage "o=1" "dc=1"
olcRwmTFSupport: false
olcRwmNormalizeMapped: FALSE

dn: olcDatabase={4}bdb,cn=config
[...]
8<--------

When decoding DN, we obtain bad characters. This issue provide broken
replication in a N-Way Multi-Master cluster.

Thomas.

Prev by Date: Re: Re (ITS#5843) N-way Multi-master doesn't replicate deletes under certain circumstances.
Next by Date: (ITS#5925) [backend config] glue: no superior found in N-Way Multi-Master replication
Index(es):
- Chronological
- Thread