[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: What defines a leaf entry (Errors when using ldapdelete)
>Platform Linux 2.0.36 with openldap-stable
>
>Hi, Would it work if I don't have an initial LDIF file
>My slapd.conf has
>
>defaultaccess write
>suffix "root=foo"
>
>Now I create a root entry in root.add
>dn: root=foo
>objectclass: top
>
>ldapadd < add0
>adding new entry root=foo
>ldap_add: Insufficient access
>
>However if I setup an initial database via ldif2ldbm -i root.add
>It works
Yes, you MUST have a first entry from where you will build entire tree. OR
you can bind as root -D rootDN -w rootpassword. So - create dn: root=foo
using ldi2lldbm and after that - add all other entries via ldapadd.
>
>Also, I am having this strange error with ldapdelete where it says the
>operation is not allowed on non-leaf nodes. AFAICT, the entry I want to
>delete is a leaf node
[skipped]
>Output received
>ldap_delete: Operation not allowed on nonleaf
>Any ideas where I could have gone wrong
Nothing wrong :) there is documented BUG in ldap :)
here is part of delete_back_ldbm function - check for children
if ( has_children( be, e ) ) {
send_ldap_result( conn, op, LDAP_NOT_ALLOWED_ON_NONLEAF, "",
"" );
cache_return_entry( &li->li_cache, e );
return( -1 );
and here is cleanup when entry deleted from base:
/* XXX delete from parent's id2children entry XXX */
/* delete from dn2id mapping */
if ( dn2id_delete( be, e->e_dn ) != 0 ) {
send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, "", "" );
cache_return_entry( &li->li_cache, e );
return( -1 );
}
XXX means unimplemented part of code :) I think always, after deletion of
entry, id2children stay the same - so you always receive positive answer in
has_children() call :(
Will wait for fix from openldap dev team...
P.s. this code from Eudora ldap server for WinNT. but openldap is the same
in this part of code.