[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#7940) Glue entry creation creates entries that cannot be found via ldapsearch filters

Full_Name: Quanah Gibson-Mount
Version: 2.4.39
OS: Linux 3.11
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (

Found this at a customer site.  They loaded an LDIF file that had the child of
an entry, but not the entry itself.  slapadd then created a glue entry to
account for this, however there some significant problems with this process

a) The glue entry is not syntactically correct.  There is no RDN value.

b) It is impossible to use a filter with ldapsearch to find the entry.  It
appears the objectClass index is utterly broken.

Example entry, and the child that created it:

dn: uid=abcd,ou=people,dc=xxxx,dc=com,dc=uy
entryUUID: a326899a-ad0e-1033-8edf-d9cf7a32cf04
creatorsName: cn=config
createTimestamp: 20140731145640Z
entryCSN: 20140731145640.037371Z#000000#002#000000
modifiersName: cn=config%momodifyTimestamp: 20140731145640Z
objectClass: top
objectClass: glue
structuralObjectClass: glue

dn: zimbraDataSourceName=Adinet,uid=abcd,ou=people,dc=xxxx,dc=com,dc=uy
objectClass: zimbraDataSource
objectClass: zimbraImapDataSource

As we can see, the glue entry has no RDN attribute at all.  It is also
impossible to find this entry via ldapsearch;

ldapsearch -x -LLL -D $zimbra_ldap_userdn -w $zimbra_ldap_password -H $ldap_url
-b "ou=people,dc=xxxx,dc=com,dc=uy" uid=abcd
[zimbra@ldap01 ~]$

[zimbra@ldap01 ~]$ ldapsearch -x -LLL -D $zimbra_ldap_userdn -w
$zimbra_ldap_password -H $ldap_url -b "ou=people,dc=xxxx,dc=com,dc=uy"
"(objectClass=glue)" 1.1
[zimbra@ldap01 ~]$