[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Unique overlay not working, where is the misconfiguration ? [Debian 7 - 2.4.31]

Philippe MARASSE wrote:
>     I'm trying to enable unique overlay to enforce uniqueness of uid and mail
> attributes with no luck.
> [..]
> The first time, I've used the main administrative account. So I created a sub
> administrator account, changed the ACLs, fine. Deleted the two entries,
> recreated the two entries with the same mail without error.
> I've tried to put slapd in debug mode, the only ting I've noticed is :
> 51f7df1e >>> dnPrettyNormal: <uid=test2,ou=people,dc=mydomain,dc=com>
> 51f7df1e <<< dnPrettyNormal: <uid=test2,ou=people,dc=mydomain,dc=com>,
> <uid=test2,ou=people,dc=mydomain,dc=com>
> 51f7df1e ==> unique_modify <uid=test2,ou=people,dc=mydomain,dc=com>
> 51f7df1e *unique_modify: administrative bypass, skipping*
> 51f7df1e bdb_dn2entry("uid=test2,ou=people,dc=mydomain,dc=com")
> 51f7df1e bdb_entry_get: rc=0
> If someone has a clue...

It's a bit unclear what you're really doing. There are/were some bugs in
slapo-unique but not sure whether you're hitting them without seeing *exactly*
how you perform the client operations.

Maybe you could try to provide the LDIF input data and commands you're using.
Which client?
Which options?

AFAICS in the source the bypass message is only written to log in case of
ManageDSAIT control being used during ldapadd/ldapmodify. You should really
understand what's the effect of LDAPv3 extended controls before using them.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature