[Date Prev][Date Next] [Chronological] [Thread] [Top]

back-sql insert: entry at root denied


I am trying to take back-sql to the next step and allow inserts. I have
been able to get by without having the actual suffix dcObject in the
directory and it looks like the back-sql backend can deal with that. However, it fails because this clause in add.c fires:

if ( ( ( !be_isroot( op ) && !be_shadow_update( op ) )
 || !BER_BVISEMPTY( &pdn ) ) && !is_entry_glue( op->oq_add.rs_e ) )

The log produces "entry at root denied" so BER_BVISEMPTY( &pdn ) returns false.

I've tried to give access both by using
rootdn		"dc=utips_admin,dc=my,dc=uen,dc=org"
access to dn="dc=my,dc=uen,dc=org"
        by dn="uid=utips_admin,dc=my,dc=uen,dc=org" write

Using openldap-cvs updated today.

in slapd.conf:
suffix		"dc=my,dc=uen,dc=org"

new record:
dn: uid=pbmidgley,dc=my,dc=uen,dc=org
changetype: add
objectclass: inetOrgPerson
uid: pbmidgley
telephoneNumber: 801-555-5561
userPassword: passiton
sn: Midgley
cn: Brad Midgley

command & output:
ldapadd -H ldap://iceman.uen.org -D uid=utips_admin,dc=my,dc=uen,dc=org -x -W -f mid
adding new entry "uid=pbmidgley,dc=my,dc=uen,dc=org"
ldapadd: update failed: uid=pbmidgley,dc=my,dc=uen,dc=org
ldap_add: No such object (32)

fwiw, more logs and configs are at http://www.xmission.com/~bmidgley/openldap2/