[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Unique overlay usage with filter



Kyle Blaney wrote:
Pierangelo,

Thanks for your help so far.

In attempting to reproduce my problem with a minimal slapd.conf that I
could post, I am now encountering a slightly different problem related
to the unique overlay.  In particular, I get an LDAP constraint
violation when attempting to add an entry that should be allowed.

Here's my complete slapd.conf:

ucdata-path data
include schema/core.schema
include schema/cosine.schema
include schema/inetorgperson.schema
include schema/nortel.schema
backend bdb
database bdb
overlay unique
unique_uri ldap:///?uid?sub?(sn=e*)
suffix "dc=Nortel,dc=com"
rootdn "cn=Administrator,dc=Nortel,dc=com"
rootpw adminpwd
directory data
index sn eq,sub
index cn eq,sub

Here are the steps to reproduce my current problem (all modifications
are made using the configured rootdn):
1.  Add an entry with uid=a and sn=e.
2.  Add a second entry with uid=a and sn=f.

The second entry is not added.  Instead, OpenLDAP returns error code 19
(constraint violation) with a message of "some attributes are not
unique".  When I comment out the unique_uri line in slapd.conf and
restart slapd, the second entry can be added successfully.

Have I configured something incorrectly?

The overlay part should go after all the database part, i.e.

database bdb
suffix "dc=Nortel,dc=com"
rootdn "cn=Administrator,dc=Nortel,dc=com"
rootpw adminpwd
directory data
index sn eq,sub
index cn eq,sub

overlay unique
unique_uri ldap:///?uid?sub?(sn=e*)

so the overlay configuration can properly check dependencies on database data. Don't know whether this fixes your issue, though.

p.