[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#6766) memberOf does not replicate specially crafted modifications

To: openldap-its@OpenLDAP.org
Subject: (ITS#6766) memberOf does not replicate specially crafted modifications
From: masarati@aero.polimi.it
Date: Sun, 2 Jan 2011 22:52:29 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: Pierangelo Masarati
Version: HEAD/re24
OS: irrelevant
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (2.40.10.16)
Submitted by: ando


If a modification deletes and recreates a member, something like

dn: cn=group
changetype: modify
delete: member
member: cn=user
-
add: member
member: cn=user
-

the operation succeeds on the provider, but only the delete is replicated.  This
occurs because the operation, within the memberOf overlay, results in two
separate operations:

dn: cn=user
changetype: modify
delete: memberOf
memberOf: cn=group

dn: cn=user
changetype: modify
add: memberOf
memberOf: cn=group

with the same CSN, although corresponding to different operations, so the
consumer ignores the second (btw, the CSN is the same of the modification that
affects the "cn=group" entry).

There may be two solutions: recognize that both operations affect the same
entry, and group them, or change the CSN.

p.

Prev by Date: Re: (ITS#6757) SASL canonicalize doesn't work as documented
Next by Date: Re: (ITS#6757) SASL canonicalize doesn't work as documented
Index(es):
- Chronological
- Thread