[Date Prev][Date Next] [Chronological] [Thread] [Top]

OpenLDAP : anomalies with search and deletions


I am encoutering problems with OpenLDAP V1.2.3 on Solaris 2.6,  with the DB Berkeley 2.7.5 or the GDBM 1.7.3.

The database contains about  20 000 entries.
I cannot delete some entries. When I try to do so (using  ldapdelete, or    perldap in perl), the server returns a # 1 error message  (LDAP OPERATIONS ERROR).

Here are two examples :

entry 17751, for which the deletion is successful :
dn: uid=gacoi001,ou=IUTA,ou=etudiants,dc=univ-nancy2,dc=fr
cn: Aurore GACOIN
userpassword: {crypt}*******
uid: gacoi001
mail: Aurore.Gacoin@etudiant.univ-nancy2.fr
givenname: Aurore
objectclass: top
objectclass: organizationalPerson
objectclass: inetOrgPerson

and  entry 17943 whose deletion fails :
dn: uid=lomba002,ou=IUTA,ou=etudiants,dc=univ-nancy2,dc=fr
cn: Romain LOMBARD
userpassword: {crypt}lr24796e
uid: lomba002
mail: Romain.Lombard@etudiant.univ-nancy2.fr
givenname: Romain
objectclass: top
objectclass: organizationalPerson
objectclass: inetOrgPerson

Both entries are strictly identical.

The following are the execution outputs of the query and deletion for these two accounts :

conn=0 op=23 SRCH base="OU=IUTA,OU=ETUDIANTS,DC=UNIV-NANCY2,DC=FR" scope=2 filter="(&(objectclass=INETORGPERSON)(uid=GACOI001))"
conn=0 op=23 RESULT err=0 tag=101 nentries=1
conn=0 op=24 RESULT err=0 tag=107 nentries=0

conn=0 op=39 SRCH base="OU=IUTA,OU=ETUDIANTS,DC=UNIV-NANCY2,DC=FR" scope=2 filter="(&(objectclass=INETORGPERSON)(uid=LOMBA002))"
conn=0 op=39 RESULT err=0 tag=101 nentries=1
conn=0 op=40 RESULT err=1 tag=107 nentries=0

I have noticed that when doing a query on the OU field with a scope of  'one' (1) instead of 'subtree' (2), the query is successful for gacoi001, and fails for lomba002 :

conn=1 op=2 SRCH base="OU=IUTA,OU=ETUDIANTS,DC=UNIV-NANCY2,DC=FR" scope=1 filter="(&(objectclass=INETORGPERSON)(uid=GACOI001))"
conn=1 op=2 RESULT err=0 tag=101 nentries=1

conn=1 op=3 SRCH base="OU=IUTA,OU=ETUDIANTS,DC=UNIV-NANCY2,DC=FR" scope=1 filter="(&(objectclass=INETORGPERSON)(uid=LOMBA002))"
conn=1 op=3 RESULT err=0 tag=101 nentries=0

I dumped the base in LDIF, and reloaded it.  This had the following result : I managed to delete part of the entries that could not be deleted beforehand but not all of them. On the overall 20,000 entries, 1,000 cause problems (when comparing the number of entries with one instead of subtree ).

One last detail : when loading the base, 7 error messages occurred  but I could not decypher their meaning :

id 2064 already in next block
id 2064 already in next block
id 2067 already in next block
id 2068 already in next block
id 2064 already in next block
id 2064 already in next block
id 2064 already in next block

I would gratefully welcome all suggestions, because this server has been already open and is used as an engine for a student account management application that we run daily. The problem inhibits its proper execution.

Thanks in advance,

Vincent MATHIEU                 
CRI - Universite NANCY 2             | Email : Vincent.Mathieu@univ-nancy2.fr
Pole Lorrain de Gestion              | Tel   : (33)
13, Rue Michel Ney - C.O. 75         | Fax   : (33)