Re: LDAP proxy cache configuration

[Amos Castelli <amos.castelli@cscs.ch>]

Hi Howard,
is there any way to overcome this problem with objectclass mapping/rewriting?

Thanks,
Amos

On Wednesday 14 March 2007 22:28, Howard Chu wrote:
> Amos Castelli wrote:
> > Hi everybody,
> > I have setup a ldap proxy cache (2.3.34), but somehow I cannot write into
> > the proxy database.
> > When I first search into the directory, I get the following in the log
> > file: slapd[450]: QUERY NOT ANSWERABLE
> > slapd[450]: QUERY CACHEABLE
> >
> > This tells me that at least the proxyTemplate is set up correctly,
> > then I run the second time the search command, and I get:
> >
> > slapd[518]: QUERY ANSWERABLE
> >
> > I suppose ldap found in the cache the search output, but I get no result.
> > After searching a little bit, I also found this messages, after the first
> > search:
> >
> >  ==> bdb_add: uid=dummy,ou=People,dc=cscs,dc=com
> > bdb_add: entry failed op attrs add: no structural object class provided
> > (65) send_ldap_result: conn=2 op=1 p=3
> > send_ldap_result: err=65 matched="" text="no structural object class
> > provided" ENTRY ADDED/MERGED, CACHED ENTRIES=0
> >
> > Somehow I cannot write into the directory..
>
> Looks like there are two problems; the server you're proxying from is
> serving entries with an invalid objectclass chain, and the slapd is
> requiring a valid structural objectclass even though the proxycache
> implicitly disables schema checking.
>
> The latter problem was fixed in OpenLDAP 2.4. There are no plans to
> backport the fix to 2.3.