[Date Prev][Date Next] [Chronological] [Thread] [Top]

refint overlay don't works as expected



Hi

I'm using refint and memberof overlays.

Refint overlay don't works as expected - it don't modifying one entry: 
uid=admin,ou=Users,dc=domain.local (which is a member of 
cn=webers,ou=Groups,dc=domain.local - see dump.ldif attachment).

Changing the memberof-dangling option in the memberof overlay don't help.

If I turn off the memberof overlay or move this entry to the end of dump.ldif 
file (after cn=webers,ou=Groups,dc=domain.local) then the refint overlay 
works as needed.

Can somebody retest it or say where I'm wrong?



Steps to reproduce:

1) stop slapd

2) copy the files (slapd.conf, bsl.schema, dump.ldif) from the attachment to 
the apropriate places. Correct the pathes (include, directory) in slapd.conf 
file.

3) rm -rf /path/to/openldap-data/*

4) slapadd -l dump.ldif

5) chown -R ldapd:ldapd openldap-data
(use your own ldap user)

6) start slapd

7) test #1:
$ ldapsearch -LLL -D cn=manager -w 1 -b "" '(cn=webers)' member
dn: cn=webers,ou=Groups,dc=domain.local
member: uid=admin,ou=Users,dc=domain.local
member: uid=u1,ou=Users,dc=domain.local

$ ldapsearch -LLL -D cn=manager -w 1 -b "" '(uid=*)' memberOf
dn: uid=admin,ou=Users,dc=domain.local
memberOf: cn=webers,ou=Groups,dc=domain.local

dn: uid=u1,ou=Users,dc=domain.local
memberOf: cn=webers,ou=Groups,dc=domain.local


All OK.

8) now rename dc=domain.local:
$ ldapmodrdn -r -D cn=manager -w 1 dc=domain.local dc=example.org -v
ldap_initialize( <DEFAULT> )
Renaming "dc=domain.local"
        new rdn="dc=example.org" (delete old rdn)
Rename Result: Success (0)

9) check #2:
$ ldapsearch -LLL -D cn=manager -w 1 -b "" '(cn=webers)' member
dn: cn=webers,ou=Groups,dc=example.org
member: uid=admin,ou=Users,dc=example.org
member: uid=u1,ou=Users,dc=example.org

$ ldapsearch -LLL -D cn=manager -w 1 -b "" '(uid=*)' memberOf modifiersName
dn: uid=admin,ou=Users,dc=example.org
memberOf: cn=webers,ou=Groups,dc=domain.local
memberOf: cn=webers,ou=Groups,dc=example.org
modifiersName: cn=Manager

dn: uid=u1,ou=Users,dc=example.org
memberOf: cn=webers,ou=Groups,dc=example.org
modifiersName: cn=Referential Integrity Overlay


Error: refint overlay didn't change the uid=admin entry.


--
Regards,
Sergei Butakov
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/bsl.schema


access to * by * write


database                hdb
suffix                  ""
rootdn                  "cn=Manager"
rootpw                  1
directory               /srv/ldap/openldap-data

overlay                 memberof
memberof-group-oc       x-bsl-groupOfNames
memberof-member-ad      member
memberof-refint         true

overlay                 refint
refint_attributes       member memberOf

index                   default         eq

objectIdentifier bslOID 1.3.6.1.4.1.33904

objectIdentifier LDAP bslOID:1
objectIdentifier attributeType LDAP:1
objectIdentifier objectClass LDAP:2


##############################################################################
##############################################################################
#
# objectClasses
#
##############################################################################


#
# differences from the objectClass groupOfNames:
#    - 'AUXILIARY' type
#    - 'member' attrubute is not obligatory
#
objectClass (
    objectClass:1
    NAME 'x-bsl-groupOfNames'
    DESC 'a group of names (DNs)'
    SUP top
    AUXILIARY
    MUST ( cn )
    MAY ( member $ businessCategory $ seeAlso $ owner $ ou $ o $ description )
 )

dn: dc=domain.local
objectClass: organization
objectClass: dcObject
o: MY_COMPANY
structuralObjectClass: organization
entryUUID: 33a10208-0af2-43c2-83df-0755901434c9
creatorsName: cn=manager
createTimestamp: 20100128205952Z
dc: domain.local
entryCSN: 20100130043900.638049Z#000000#000#000000
modifiersName: cn=manager
modifyTimestamp: 20100130043900Z

dn: ou=Users,dc=domain.local
ou: Users
objectClass: top
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: 32c0413e-2d83-4790-9a02-3f2b9c86b84c
creatorsName: cn=Manager
createTimestamp: 20100116174212Z
entryCSN: 20100128205953.292954Z#000000#000#000000
modifiersName: cn=manager
modifyTimestamp: 20100128205953Z

dn: ou=Groups,dc=domain.local
ou: Groups
objectClass: top
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: 89a3de14-994b-4b54-8f5d-e187030338f4
creatorsName: cn=Manager
createTimestamp: 20100116174212Z
entryCSN: 20100128205953.413960Z#000000#000#000000
modifiersName: cn=manager
modifyTimestamp: 20100128205953Z

dn: cn=Domain Admins,ou=Groups,dc=domain.local
objectClass: top
objectClass: posixGroup
objectClass: x-bsl-groupOfNames
gidNumber: 512
cn: Domain Admins
structuralObjectClass: posixGroup
entryUUID: 8629f2e9-23ae-49ab-b6dc-a5058bc14816
creatorsName: cn=Manager
createTimestamp: 20100116174212Z
modifiersName: cn=Manager
entryCSN: 20100130032044.443110Z#000000#000#000000
modifyTimestamp: 20100130032044Z

dn: cn=Domain Users,ou=Groups,dc=domain.local
objectClass: top
objectClass: posixGroup
objectClass: x-bsl-groupOfNames
gidNumber: 513
cn: Domain Users
structuralObjectClass: posixGroup
entryUUID: da789091-b34c-4567-9400-6efa6839edd4
creatorsName: cn=Manager
createTimestamp: 20100116174212Z
modifiersName: cn=Manager
entryCSN: 20100130032050.309252Z#000000#000#000000
modifyTimestamp: 20100130032050Z

dn: cn=Domain Guests,ou=Groups,dc=domain.local
objectClass: top
objectClass: posixGroup
objectClass: x-bsl-groupOfNames
gidNumber: 514
cn: Domain Guests
structuralObjectClass: posixGroup
entryUUID: 21cf1c41-613d-4462-9b9c-46a9a4411dd9
creatorsName: cn=Manager
createTimestamp: 20100116174212Z
entryCSN: 20100128205954.289482Z#000000#000#000000
modifiersName: cn=bsl,o=_DSA
modifyTimestamp: 20100128205954Z

dn: uid=admin,ou=Users,dc=domain.local
uid: admin
cn: admin
sn: admin
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
uidNumber: 10000
gidNumber: 998
homeDirectory: /home/admin
loginShell: /bin/false
gecos: Web Administrator
structuralObjectClass: inetOrgPerson
entryUUID: 97ca1749-5ee2-45fc-b6ff-3ca7acec4014
creatorsName: cn=Manager
createTimestamp: 20100116174212Z
userPassword:: e1NTSEF9OTN5eFJ2UGh0WjdQOTl3eWVhNEUxOVIxRnFqV0JyUWc=
memberOf: cn=webers,ou=Groups,dc=domain.local
modifiersName: cn=Manager
entryCSN: 20100130043900.653211Z#000000#000#000000
modifyTimestamp: 20100130043900Z

dn: cn=wheel,ou=Groups,dc=domain.local
cn: wheel
objectClass: top
objectClass: posixGroup
objectClass: x-bsl-groupOfNames
gidNumber: 999
structuralObjectClass: posixGroup
entryUUID: ab726123-d2e9-4982-b783-70e31f805bde
creatorsName: cn=Manager
createTimestamp: 20100116174212Z
modifiersName: cn=Manager
entryCSN: 20100130032050.309252Z#000000#000#000000
modifyTimestamp: 20100130032050Z

dn: cn=webers,ou=Groups,dc=domain.local
cn: webers
objectClass: top
objectClass: posixGroup
objectClass: x-bsl-groupOfNames
gidNumber: 998
structuralObjectClass: posixGroup
entryUUID: 25957d5b-81b9-4124-aece-7014713528c4
creatorsName: cn=Manager
createTimestamp: 20100116174212Z
member: uid=admin,ou=Users,dc=domain.local
member: uid=u1,ou=Users,dc=domain.local
modifiersName: cn=Referential Integrity Overlay
entryCSN: 20100130043900.653211Z#000000#000#000000
modifyTimestamp: 20100130043900Z

dn: uid=u1,ou=Users,dc=domain.local
cn: u1
uidNumber: 10002
gecos: User's account
uid: u1
homeDirectory: /home/u1
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
structuralObjectClass: inetOrgPerson
entryUUID: fa217daf-ee7d-4035-bc79-7b3d60544993
creatorsName: cn=bsl,o=_DSA
createTimestamp: 20100116181822Z
gidNumber: 513
userPassword:: e1NTSEF9ejF1RFplaXpZd3U1ajZ3TUJobk91M0t4ZWYvRnZpSzg=
sn: u1
loginShell: /bin/false
displayName: u1
memberOf: cn=webers,ou=Groups,dc=domain.local
modifiersName: cn=Referential Integrity Overlay
entryCSN: 20100130043900.648154Z#000000#000#000000
modifyTimestamp: 20100130043900Z