What defines a leaf entry (Errors when using ldapdelete)
> second:
> create a LDIF file with at least root entry for future entries. My
> newbase.ld usually looks like this
>
> dn: c=RU
> c: Russia
> Objectclass: country
>
> without root entry you can't add children like o=My Company, c=ru - slapd
> checks for parent DN, and if it doesn't exist - fail with NO SUCH OBJECT or
> permission denied - only root can add such entries. (btw - afair - you must
> have a rootdn entry in database for binding as root)
>
> third:
> ldif2ldbm newbase.ld slapd.conf - base created! :)

Platform: Linux 2.0.36 with openldap-stable

Hi, would it work if I don't have an initial LDIF file?

My slapd.conf has

    defaultaccess write
    suffix "root=foo"

Now I create a root entry in root.add

    dn: root=foo
    objectclass: top

    ldapadd < add0
    adding new entry root=foo
    ldap_add: Insufficient access

However, if I set up an initial database via ldif2ldbm -i root.add, it works.

Also, I am having this strange error with ldapdelete where it says the
operation is not allowed on non-leaf nodes. AFAICT, the entry I want to
delete is a leaf node.

Here's the recipe:

level1 =>

    dn: sub=bar;root=foo
    objectclass: top
    objectclass: cuser

level2 =>

    dn: id=cool:sub=bar;root=foo
    objectclass: top
    objectclass: cuser
    objectclass: puser

    ldapadd < level1

Verify that level1 is the child of root via ldapsearch:

    ldapsearch -s one -b "root=foo" 'objectclass=*'

Outputs dn of level1.

    ldapadd < level2

Verify that level2 is the child of level1 via ldapsearch:

    ldapsearch -s one -b "sub=bar;root=foo" 'objectclass=*'

Outputs dn of level2.

Now delete level2:

    ldapdelete "id=cool;sub=bar;root=foo"

Verify that level1 has no children:

    ldapsearch -s one -b "sub=bar;root=foo" 'objectclass=*'

No output, as expected. I assume this means that level1 is a leaf.

Now try to delete level1:

    ldapdelete "sub=bar;root=foo"

Output received:

    ldap_delete: Operation not allowed on nonleaf

Any ideas where I could have gone wrong?

Regards, Yusuf
yusufg@huge.net
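
The leaf test that the recipe above performs by hand, as an added example that is not part of the original message: an entry is a leaf when no other entry's parent DN equals its DN, and a subtree has to be deleted deepest entry first. The function names are hypothetical, the sample DNs are constructed from the message, and case-insensitive matching of attribute types and values is an assumption; the code models the DN hierarchy only, not what slapd stores in its back end.

```python
import re

# Constructed sample: the three DNs from the message, in the ';' form used
# on its ldapdelete command lines.
SAMPLE = ["root=foo", "sub=bar;root=foo", "id=cool;sub=bar;root=foo"]

def split_dn(dn):
    """Return a DN as a tuple of (attr, value) RDNs, leftmost RDN first.

    ',' and ';' both separate RDNs; a backslash-escaped separator does not.
    Lower-casing attr and value is an assumption (case-insensitive matching).
    """
    rdns = []
    for part in re.split(r"(?<!\\)[,;]", dn):
        if part.strip():
            attr, _, value = part.partition("=")
            rdns.append((attr.strip().lower(), value.strip().lower()))
    return tuple(rdns)

def children_map(dns):
    """Map each entry's parsed DN to the parsed DNs of its immediate children."""
    entries = {split_dn(d): d for d in dns}
    kids = {key: [] for key in entries}
    for key in entries:
        # Parent DN = DN minus its leftmost RDN.
        if key and key[1:] in kids:
            kids[key[1:]].append(key)
    return entries, kids

def leaves(dns):
    """Entries with no immediate children, i.e. the ones a delete may target."""
    entries, kids = children_map(dns)
    return sorted(entries[k] for k in entries if not kids[k])

def delete_order(dns, base):
    """Entries at or below base, deepest first, so every delete hits a leaf."""
    entries, _ = children_map(dns)
    b = split_dn(base)
    subtree = [k for k in entries
               if len(k) >= len(b) and k[len(k) - len(b):] == b]
    return [entries[k] for k in sorted(subtree, key=len, reverse=True)]

if __name__ == "__main__":
    print("leaves now:          ", leaves(SAMPLE))
    print("leaves without level2:", leaves(SAMPLE[:2]))
    print("delete order:        ", delete_order(SAMPLE, "sub=bar;root=foo"))
```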