Re: "Upgrading from 2.3.x" section in Changes Appendix for Admin Guide

["Gavin Henry" <ghenry@suretecsystems.com>]

<quote who="Howard Chu">
> Gavin Henry wrote:
>> Next one:
>>
>> [root@suretec openldap]# slaptest
>> monitor_back_register_entry_attrs(""): base="cn=databases,cn=monitor"
>> scope=one
>> filter="(namingContexts:distinguishedNameMatch:=dc=suretecsystems,dc=com)":
>> unable to find entry
>>
>> backend_startup_one: bi_db_open failed! (1)
>> slap_startup failed (test would succeed using the -u switch)
>
> Pretty sure you reported this in an ITS a while back. The monitor DB
> defaults
> to no anonymous read access. You need to define a rootDN for the monitor
> DB so
> that the registration functions can actually see the tree. (The
> registration
> ops try to run as the rootDN, but if none is set, that means a zero-length
> DN,
> i.e. anonymous.)

Ah, yes. That was for the translucent/rwm ticket I think.

>
> I think this is a flaw in the design of these registration ops in
> back-monitor,
> they shouldn't depend on an actual Search operation to get their work
> done. The
> monitor code ought to be able to directly locate the entry corresponding
> to a
> given BackendDB pointer, and whatever lookup should not require filter or
> ACL
> evaluation.

I'm not qualified enough to comment yet....