
Finicky old OpenLDAP Server: To be or not to be...



Sorry for the somewhat vague email title but it is actually somewhat
descriptive of a problem I'm having. I also apologize if this is the
incorrect list for this question (I first subscribed to
openldap-software@... but upon subscription the "welcome" message said
it had been shut down and to use this list instead). I'm pretty new to
the whole OpenLDAP (and LDAP in general) thing.

I'm running an old OpenLDAP server (2.2.29) in a production
environment. I recently needed to add some extra schema definitions
for my postfix email server (attached as postfix.schema). I edited my
slapd.conf file and included my schema file, then restarted the
server. All is good so far...

Skipping ahead in my story, to test things out I created the following
LDIF below:

dn: mailDomain=example.com,ou=Email,dc=EXAMPLE,dc=COM
mailDomain: example.com
objectClass: top
objectClass: mailDomainEntry
mailDomainVirtual: FALSE

The "organization unit" named "Email" already existed. I then ran slapadd:

$ sudo slapadd -v -l data.ldif
added: "mailDomain=example.com,ou=Email,dc=EXAMPLE,dc=COM" (0000023e)

I then ran ldapsearch to dump everything at or under my "Email" ou:

$ ldapsearch -x -b "ou=Email,dc=EXAMPLE,dc=COM"

This dumped the Email organization unit entry and nothing else. So, on
a whim I re-ran the above slapadd command to retry adding a sub-entry
beneath my "Email" entry. This time I got the following error:

slapadd: could not add entry
dn="mailDomain=example.com,ou=Email,dc=EXAMPLE,dc=COM" (line=6):
txn_aborted! DB_KEYEXIST: Key/data pair already exists (-30996)

So, apparently it DID get added as this says it "already exists". Hmm,
so I'll try to delete it:

$ sudo ldapdelete -vx -D "cn=root,dc=EXAMPLE,dc=COM" \
        -W "mailDomain=example.com,dc=EXAMPLE,dc=COM"
ldap_initialize( <DEFAULT> )
Enter LDAP Password: ********
deleting entry "mailDomain=example.com,dc=EXAMPLE,dc=COM"
Delete Result: No such object (32)
Matched DN: dc=EXAMPLE,dc=COM

So, now it doesn't exist? "To be or not to be?" Hmm.

Anyhow, I've tried many search queries and used tools like
phpLDAPadmin and JXplorer and cannot find this entry I've
created/added. The only command/tool that claims it exists is slapadd
when I try to add the same entry again.

I know my server version is very very old (2005-ish?) but does anyone
have any ideas or recommendations (besides the obvious "save/export
your data and upgrade your server" kind which isn't an immediate
option)?

Thanks in advance. I'm hoping I'm just doing something obviously stupid.

-- 
Kendall Gifford