Re: ldapdelete: Invalid DN on an Accesslog generated DN

[Dieter Klünter <dieter@dkluenter.de>]

Am Tue, 15 May 2018 10:02:18 +0200
schrieb Giuseppe Civitella <giuseppe.civitella@gmail.com>:

> Hi all,
> 
> while doing some tests to enable accesslog in my directory, I did
> enable the overlay and then disabled it because of login problems.
> Once restored the directory, I found a few entries like this:
> 
> dn: reqStart=20180509102412.000000Z,BASEDN
> objectClass: auditModify
> structuralObjectClass: auditModify
> REQSTART: 20180509102412.000000Z
> REQEND: 20180509102412.000001Z
> REQTYPE: modify
> REQSESSION: 1679
> REQAUTHZID: cn=admin,BASEDN
> REQDN: cn=gcivitella,ou=users,BASEDN
> REQRESULT: 0
> REQMOD: description:= description utente gcivitella (update check
> accesslog) REQMOD: entryCSN:= 20180509102412.246481Z#000000#000#000000
> REQMOD: modifiersName:= cn=admin,BASEDN
> REQMOD: modifyTimestamp:= 20180509102412Z
> REQENTRYUUID: 53620528-9276-1037-8c51-e5b01d96303b
> entryUUID: dc744658-e7be-1037-9c6f-71aa77ba1fb3
> creatorsName: cn=admin,BASEDN
> createTimestamp: 20180509102412Z
> entryCSN: 20180509102412.246481Z#000000#000#000000
> modifiersName: cn=admin,BASEDN
> modifyTimestamp: 20180509102412Z
> 
> Now I'm unable to delete them. I get an "invalid DN" error:
> 
> ldapdelete -D "cn=admin,BASEDN" -W -H ldap://127.0.0.1 -v 
> "reqStart=20180509102412.000000Z,BASEDN"
> 
> ldap_initialize( ldap://127.0.0.1:389/??base )
> Enter LDAP Password: 
> deleting entry "reqStart=20180509102412.000000Z,BASEDN"
> ldap_delete: Invalid DN syntax (34)
>         additional info: invalid DN
> 
> Is there a way to force the deletion or temporary disable the schema
> check?

It seems that $BASEDN is not a valid DN, check 
https://ldap.com/ldap-dns-and-rdns
read man slapo-accesslog(5) on logpurge

-Dieter

-- 
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E