[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Unique overlay usage with filter


Thanks again.

I've moved the overlay configuration part after the database
configuration part, but I still get the same problem - adding the second
entry fails due to a constraint violation when it should succeed.  Is
there anything else I can try or should I file and ITS?

Kyle Blaney

-----Original Message-----
From: Pierangelo Masarati [mailto:masarati@aero.polimi.it] 
Sent: July 22, 2009 4:22 AM
To: Blaney, Kyle (BVW:9T16)
Cc: openldap-software@openldap.org
Subject: Re: Unique overlay usage with filter

Kyle Blaney wrote:
> Pierangelo,
> Thanks for your help so far.
> In attempting to reproduce my problem with a minimal slapd.conf that I

> could post, I am now encountering a slightly different problem related

> to the unique overlay.  In particular, I get an LDAP constraint 
> violation when attempting to add an entry that should be allowed.
> Here's my complete slapd.conf:
> ucdata-path data
> include schema/core.schema
> include schema/cosine.schema
> include schema/inetorgperson.schema
> include schema/nortel.schema
> backend bdb
> database bdb
> overlay unique
> unique_uri ldap:///?uid?sub?(sn=e*)
> suffix "dc=Nortel,dc=com"
> rootdn "cn=Administrator,dc=Nortel,dc=com"
> rootpw adminpwd
> directory data
> index sn eq,sub
> index cn eq,sub
> Here are the steps to reproduce my current problem (all modifications 
> are made using the configured rootdn):
> 1.  Add an entry with uid=a and sn=e.
> 2.  Add a second entry with uid=a and sn=f.
> The second entry is not added.  Instead, OpenLDAP returns error code 
> 19 (constraint violation) with a message of "some attributes are not 
> unique".  When I comment out the unique_uri line in slapd.conf and 
> restart slapd, the second entry can be added successfully.
> Have I configured something incorrectly?

The overlay part should go after all the database part, i.e.

database bdb
suffix "dc=Nortel,dc=com"
rootdn "cn=Administrator,dc=Nortel,dc=com"
rootpw adminpwd
directory data
index sn eq,sub
index cn eq,sub

overlay unique
unique_uri ldap:///?uid?sub?(sn=e*)

so the overlay configuration can properly check dependencies on database
data.  Don't know whether this fixes your issue, though.