- openldap-bugs - openldap.org

[Issue 9772] New: replication of cn=config for olcDatabase={2}mdb,cn=config not working
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9772 Issue ID: 9772 Summary: replication of cn=config for olcDatabase={2}mdb,cn=config not working Product: OpenLDAP Version: 2.6.0 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: stefan(a)kania-online.de Target Milestone: --- My setup is a mmr for cn=config. The configuration of all servers is: --------------- dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config changetype: add objectClass: olcOverlayConfig objectClass: olcSyncProvConfig olcOverlay: syncprov dn: olcDatabase={0}config,cn=config changetype: modify replace: olcSyncRepl olcSyncRepl: rid=1 provider=ldap://ldap01.example.net binddn="cn=admin,cn=config" bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndPersist retry="5 5 300 20" timeout=1 starttls=yes tls_reqcert=allow olcSyncRepl: rid=2 provider=ldap://ldap02.example.net binddn="cn=admin,cn=config" bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndPersist retry="5 5 300 20" timeout=1 starttls=yes tls_reqcert=allow olcSyncRepl: rid=3 provider=ldap://ldap03.example.net binddn="cn=admin,cn=config" bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndPersist retry="5 5 300 20" timeout=1 starttls=yes tls_reqcert=allow olcSyncRepl: rid=4 provider=ldap://ldap04.example.net binddn="cn=admin,cn=config" bindmethod=simple credentials=secret searchbase="cn=config" type=refreshAndPersist retry="5 5 300 20" timeout=1 starttls=yes tls_reqcert=allow - add: olcMultiprovider olcMultiprovider: TRUE ------------- Replication is working for dn: olcDatabase={-1}frontend,cn=config but not for the configuration of the main DB dn: olcDatabase={2}mdb,cn=config When I do a change I got the following messages: ----------------- messages on provider Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 fd=18 ACCEPT from IP=192.168.56.46:57844 (IP=0.0.0.0:389) Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=0 EXT oid=1.3.6.1.4.1.1466.20037 Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=0 STARTTLS Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=0 RESULT oid= err=0 qtime=0.000023 etime=0.000176 text= Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 fd=18 TLS established tls_ssf=256 ssf=256 tls_proto=TLSv1.3 tls_cipher=TLS_AES_256_GCM_SHA384 Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=1 BIND dn="cn=admin,cn=config" method=128 Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=1 BIND dn="cn=admin,cn=config" mech=SIMPLE bind_ssf=0 ssf=256 Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=1 RESULT tag=97 err=0 qtime=0.000027 etime=0.020422 text= Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 SRCH base="cn=config" scope=2 deref=0 filter="(objectClass=*)" Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 SRCH attr=* + Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 syncprov_op_search: got a persistent search with a cookie=rid=004,sid=002,csn=20211215092402.061636Z#000000#002#000000 Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 syncprov_findbase: searching Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 syncprov_op_search: registered persistent search Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 syncprov_op_search: consumer cookie is missing a csn we track Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 syncprov_search_response: cookie=rid=004,sid=004,csn=20211215092401.968707Z#000000#001#000000;20211215092402.061636Z#000000#002#000000;20211215092402.073013Z#000000#003#000000;20211215092402.084067Z#000000#004#000000 Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 syncprov_sendinfo: refreshPresent cookie=rid=004,sid=004,csn=20211215092401.968707Z#000000#001#000000;20211215092402.061636Z#000000#002#000000;20211215092402.073013Z#000000#003#000000;20211215092402.084067Z#000000#004#000000 Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=2 syncprov_search_response: detaching op Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 op=3 UNBIND Dez 15 10:37:56 ldap04 slapd[6319]: conn=1013 fd=18 closed messages on consumer Dez 15 10:37:56 ldap02 slapd[6271]: do_syncrep1: rid=004 starting refresh (sending cookie=rid=004,sid=002,csn=20211215092402.061636Z#000000#002#000000) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn=config, UUID: 5d4870f0-f1d0-103b-92fc-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d4870f0-f1d0-103b-92fc-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN cn=config 20211215085439.318447Z#000000#004#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn=module{0},cn=config, UUID: 5d487b22-f1d0-103b-92fe-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d487b22-f1d0-103b-92fe-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN cn=module{0},cn=config 20211215085432.145148Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn=module{0},cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (cn=module{0},cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn=schema,cn=config, UUID: 5d4877bc-f1d0-103b-92fd-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d4877bc-f1d0-103b-92fd-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn=schema,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_add cn=schema,cn=config (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn={0}core,cn=schema,cn=config, UUID: 5d48abc4-f1d0-103b-92ff-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48abc4-f1d0-103b-92ff-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN cn={0}core,cn=schema,cn=config 20211215085432.146392Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn={0}core,cn=schema,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (cn={0}core,cn=schema,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn={1}cosine,cn=schema,cn=config, UUID: 5d48c23a-f1d0-103b-9300-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48c23a-f1d0-103b-9300-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN cn={1}cosine,cn=schema,cn=config 20211215085432.146967Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn={1}cosine,cn=schema,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (cn={1}cosine,cn=schema,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn={2}nis,cn=schema,cn=config, UUID: 5d48d1b2-f1d0-103b-9301-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48d1b2-f1d0-103b-9301-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN cn={2}nis,cn=schema,cn=config 20211215085432.147363Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn={2}nis,cn=schema,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (cn={2}nis,cn=schema,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn={3}inetorgperson,cn=schema,cn=config, UUID: 5d48dbc6-f1d0-103b-9302-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48dbc6-f1d0-103b-9302-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN cn={3}inetorgperson,cn=schema,cn=config 20211215085432.147621Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn={3}inetorgperson,cn=schema,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (cn={3}inetorgperson,cn=schema,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn={4}dyngroup,cn=schema,cn=config, UUID: 5d48e152-f1d0-103b-9303-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48e152-f1d0-103b-9303-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN cn={4}dyngroup,cn=schema,cn=config 20211215085432.147763Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn={4}dyngroup,cn=schema,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (cn={4}dyngroup,cn=schema,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: cn={5}kerberos,cn=schema,cn=config, UUID: 5d48e79c-f1d0-103b-9304-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48e79c-f1d0-103b-9304-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN cn={5}kerberos,cn=schema,cn=config 20211215085432.147924Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 cn={5}kerberos,cn=schema,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (cn={5}kerberos,cn=schema,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: olcDatabase={-1}frontend,cn=config, UUID: 5d48f458-f1d0-103b-9305-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48f458-f1d0-103b-9305-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN olcDatabase={-1}frontend,cn=config 20211215085432.148251Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 olcDatabase={-1}frontend,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (olcDatabase={-1}frontend,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: olcDatabase={0}config,cn=config, UUID: 5d48f7aa-f1d0-103b-9306-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48f7aa-f1d0-103b-9306-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN olcDatabase={0}config,cn=config 20211215092402.084067Z#000000#004#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 olcDatabase={0}config,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (olcDatabase={0}config,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: olcOverlay={0}syncprov,olcDatabase={0}config,cn=config, UUID: 7c3fa65a-f1d4-103b-983d-81584f1425b7 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 7c3fa65a-f1d4-103b-983d-81584f1425b7 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN olcOverlay={0}syncprov,olcDatabase={0}config,cn=config 20211215092402.083542Z#000000#004#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 olcOverlay={0}syncprov,olcDatabase={0}config,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (olcOverlay={0}syncprov,olcDatabase={0}config,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: olcDatabase={1}monitor,cn=config, UUID: 5d48fa48-f1d0-103b-9307-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48fa48-f1d0-103b-9307-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: dn_callback : entries have identical CSN olcDatabase={1}monitor,cn=config 20211215085432.148402Z#000000#000#000000 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 olcDatabase={1}monitor,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 entry unchanged, ignored (olcDatabase={1}monitor,cn=config) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_message_to_entry: rid=004 DN: olcDatabase={2}mdb,cn=config, UUID: 5d48fd0e-f1d0-103b-9308-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_ADD) csn=(none) tid 0x7f0589699700 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 inserted UUID 5d48fd0e-f1d0-103b-9308-1b7679847168 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_search (0) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 olcDatabase={2}mdb,cn=config Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_add olcDatabase={2}mdb,cn=config (68) Dez 15 10:37:56 ldap02 slapd[6271]: conn=-1 op=0 syncprov_matchops: recording uuid for dn=olcDatabase={2}mdb,cn=config on opc=0x7ef1740062c0 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_null_callback : error code 0x35 Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_modify olcDatabase={2}mdb,cn=config (53) Dez 15 10:37:56 ldap02 slapd[6271]: syncrepl_entry: rid=004 be_modify failed (53) Dez 15 10:37:56 ldap02 slapd[6271]: do_syncrepl: rid=004 rc 53 retrying (18 retries left) ----------------- A change with ldapmodify is only changing the cn=config on the server I did the ldapmodify. All other servers do not see anything, no message in the log. All systems are Debian 11 with symas packages 2.6.0-5. -- You are receiving this mail because: You are on the CC list for the issue.

1 24

[Issue 9761] New: Inserting olcSyncrepl into a given index inserts at the end
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9761 Issue ID: 9761 Summary: Inserting olcSyncrepl into a given index inserts at the end Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- olcSyncrepl is marked "X-ORDERED 'VALUES'" but add_syncrepl() always adds the new value at the end of the list. This breaks value deletes. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9751] New: Delta-MPR resolution too eager to drop attribute deletes
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9751 Issue ID: 9751 Summary: Delta-MPR resolution too eager to drop attribute deletes Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review, replication Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- syncrepl_resolve_cb will completely drop an attribute delete (or the delete part of replace) if there's a "newer" (timestamp-wise) op touching the same attribute. This way servers processing the "out of order" write end up keeping values that should have been removed (and have been on those that received it in the natural order). -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9779] New: dynlist Negation filter on memberOf attribute doesn't work
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9779 Issue ID: 9779 Summary: dynlist Negation filter on memberOf attribute doesn't work Product: OpenLDAP Version: 2.5.5 Hardware: All OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: mail(a)andrejro.de Target Milestone: --- Setup is according to documentation of slapo-dynlist to replace the old memberOf overlay, which I only want to use for mapping static groupOfNames back on memberOf= attributes of members. dynlist-attrset groupOfNames labeledURI member+memberOf@groupOfNames If I now have: dn: cn=test,ou=Group,dc=example,dc=com objectClass: groupOfNames objectClass: top cn: test member: uid=test,ou=People,dc=example,dc=com dn: uid=test,ou=People,dc=example,dc=com objectClass: account objectClass: top cn: Test User uid: test dn: uid=test2,ou=People,dc=example,dc=com objectClass: account objectClass: top cn: Test2 User uid: test2 I expect for a search filter '(memberOf=cn=test,ou=Group,dc=example,dc=com)' to return dn: "uid=test,ou=People,dc=example,dc=com" and for a search filter '(!(memberOf=cn=test,ou=Group,dc=eample,dc=com)' to return dn: "uid=test2,ou=People,dc=example,dc=com" First operation with a positive search filter works, but I cannot get the second case to work, even when requesting the memberOf attribute explictly as return attribute. -- You are receiving this mail because: You are on the CC list for the issue.

1 15

[Issue 9770] New: slapo-constraint handling of deletion of multi-valued configuration attributes removes wrong value from list
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9770 Issue ID: 9770 Summary: slapo-constraint handling of deletion of multi-valued configuration attributes removes wrong value from list Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Just like ITS#9493. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9764] New: slapo-valsort handling of deletion of multi-valued configuration attributes removes wrong value from list
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9764 Issue ID: 9764 Summary: slapo-valsort handling of deletion of multi-valued configuration attributes removes wrong value from list Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Similar to ITS#9493. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9763] New: slapo-refint handling of deletion of multi-valued configuration attributes removes wrong value from list
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9763 Issue ID: 9763 Summary: slapo-refint handling of deletion of multi-valued configuration attributes removes wrong value from list Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Similar to ITS#9493. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9762] New: slapo-dyngroup handling of deletion of multi-valued configuration attributes removes wrong value from list
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9762 Issue ID: 9762 Summary: slapo-dyngroup handling of deletion of multi-valued configuration attributes removes wrong value from list Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Similar to ITS#9493. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9759] New: olcRetcodeItem doesn't implement ordered values correctly
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9759 Issue ID: 9759 Summary: olcRetcodeItem doesn't implement ordered values correctly Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- olcRetcodeItem is marked X-ORDERED 'VALUES' so it has to handle ordered inserts, which is currently not implemented. -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 9756] New: syncprov_play_accesslog doesn't check minCSN properly
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9756 Issue ID: 9756 Summary: syncprov_play_accesslog doesn't check minCSN properly Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- When asked to replay the accesslog database for a refresh delete, syncprov doesn't interpret the minCSN data correctly, resulting in: - an inaccurate refresh if a purge removed some important data in the meantime - potentially a very expensive query when consumer is actually up to date w.r.t. to some sids in our contextCSN -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 9752] New: Improperly normalized minCSN values in accesslog
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9752 Issue ID: 9752 Summary: Improperly normalized minCSN values in accesslog Product: OpenLDAP Version: 2.5.9 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- The CSN matching rules require normalized values to be provided. When normalized values are provided to attr_merge they must be distinct from the regular values. accesslog.c:1982 is providing the same berval in both regular and normalized value, which triggers an assert failure for this consistency check. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9747] New: dynlist overlay breaks member compare operation for groups
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9747 Issue ID: 9747 Summary: dynlist overlay breaks member compare operation for groups Product: OpenLDAP Version: 2.5.8 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: henson(a)acm.org Target Milestone: --- Given the following group: dn: uid=unxadmin,ou=group,dc=cpp,dc=edu objectClass: groupOfNames objectClass: cppGroup objectClass: posixGroup uid: unxadmin cn: Unix Administrators gidNumber: 17730 member: member: uid=gkuri,ou=user,dc=cpp,dc=edu member: uid=henson,ou=user,dc=cpp,dc=edu memberUid: gkuri memberUid: henson and the following dynlist config: dynlist-attrset groupOfURLs memberURL member+memberOf@groupOfNames ldap compare operations checking group membership fail erroneously: # ldapcompare -x -H ldaps://ldap-vmc-01.ldap.cpp.edu/ uid=unxadmin,ou=group,dc=cpp,dc=edu member:uid=henson,ou=user,dc=cpp,dc=edu FALSE If the dynlist-attrset configuration is removed, the compare works as expected: # ldapcompare -x -H ldaps://ldap-vmc-01.ldap.cpp.edu/ uid=unxadmin,ou=group,dc=cpp,dc=edu member:uid=henson,ou=user,dc=cpp,dc=edu TRUE -- You are receiving this mail because: You are on the CC list for the issue.

1 9

[Issue 9749] New: logoldattr documentation is misleading
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9749 Issue ID: 9749 Summary: logoldattr documentation is misleading Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Reading the accesslog manpage, someone might expect that attributes specified in logoldattr would be logged regardless of whether the entry being modified matches any of the configured filters. This is not the case and should be clarified. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9707] New: Documentation synchronisation ODSEE --> openldap
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9707 Issue ID: 9707 Summary: Documentation synchronisation ODSEE --> openldap Product: OpenLDAP Version: 2.5.4 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: laurent.revillion(a)icloud.com Target Milestone: --- There is no documentation about the synchronisation between ODSEE and Openldap 2.5. Will there be one? -- You are receiving this mail because: You are on the CC list for the issue.

1 16

[Issue 9766] New: slapo-autogroup handling of X-VALUES ORDERED is incorrect
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9766 Issue ID: 9766 Summary: slapo-autogroup handling of X-VALUES ORDERED is incorrect Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: contrib Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- When adding a value to the beginning of the list (position {0}), internally, it gets added to the end instead, this is incorrect. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9777] New: Happy new year
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9777 Issue ID: 9777 Summary: Happy new year Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: orel(a)melix.net Target Milestone: --- Created attachment 868 --> https://bugs.openldap.org/attachment.cgi?id=868&action=edit 2021 changed to 2022 on copyright Just bump the year to 2022 -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 9781] New: regression test its4448 assertion
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9781 Issue ID: 9781 Summary: regression test its4448 assertion Product: OpenLDAP Version: 2.6.0 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- Starting with OpenLDAP 2.5, the ITS4448 regression case no longer passes and instead triggers an assertion: slapd: request.c:1672: ldap_find_request_by_msgid: Assertion `lr->lr_refcnt == 0' failed. -- You are receiving this mail because: You are on the CC list for the issue.

1 8

[Issue 9760] New: back-wt is not set "SLAP_DBFLAG_CLEAN"
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9760 Issue ID: 9760 Summary: back-wt is not set "SLAP_DBFLAG_CLEAN" Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: hamano(a)osstech.co.jp Target Milestone: --- https://github.com/osstech-jp/openldap/issues/10 yasumatk says: > If "SLAP_DBFLAG_CLEAN" is not set for a backend database, the initialization process of the syncprov overlay reads all entries in the backend database. As a result, slapd startup time will increase on the back-wt database with a large number of entries. So, back-wt should be set "SLAP_DBFLAG_CLEAN" in back-wt/init.c. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9753] New: back-mdb index incorrect on modify/replace
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9753 Issue ID: 9753 Summary: back-mdb index incorrect on modify/replace Product: OpenLDAP Version: 2.4.6 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- When doing a modify/replace on an indexed attribute, back-mdb only deletes the old values from the index and doesn't add the new values into the index. -- You are receiving this mail because: You are on the CC list for the issue.

1 24

[Issue 9783] New: Error ldap_bind: Invalid credentials (49)
by openldap-its＠openldap.org 19 Jan '22

19 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9783 Issue ID: 9783 Summary: Error ldap_bind: Invalid credentials (49) Product: OpenLDAP Version: 2.4.57 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: raphael.santos(a)enkel.com.br Target Milestone: --- Hello everyone, everything good? I'm having trouble making my migration. I'm migrating from the OUD tool to Openldap, but when I export a user from the OUD it comes with the password key SSHA512, and when I import it into Openldap it can't decrypt, I've read several forums but so far without success. I tried to import the module slapd-sha2.so, pw-sha2.so. Does anyone have any tips? -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 6097] MMR problems with deletes
by openldap-its＠openldap.org 18 Jan '22

18 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=6097 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|2.6.1 |2.6.2 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7080] post read control in back-config
by openldap-its＠openldap.org 18 Jan '22

18 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=7080 --- Comment #4 from Quanah Gibson-Mount <quanah(a)openldap.org> --- head: • 67f7f98c by Ondřej Kuzník at 2022-01-18T18:31:32+00:00 ITS#7080 Fix debug message • a6c110d1 by Ondřej Kuzník at 2022-01-18T18:31:32+00:00 ITS#7080 cn=config postread support for modrdn when back-ldif not used RE26: • 4bf68b2c by Ondřej Kuzník at 2022-01-18T23:08:53+00:00 ITS#7080 Fix debug message • 441d54ad by Ondřej Kuzník at 2022-01-18T23:08:59+00:00 ITS#7080 cn=config postread support for modrdn when back-ldif not used -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8039] syncprov memory leak
by openldap-its＠openldap.org 18 Jan '22

18 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=8039 --- Comment #5 from Quanah Gibson-Mount <quanah(a)openldap.org> --- head: • 6ccc0974 by Ondřej Kuzník at 2022-01-18T16:46:09+00:00 ITS#8039 Free resinfo even if opcookie is the last owner re26: • c1f4072c by Ondřej Kuzník at 2022-01-18T23:07:06+00:00 ITS#8039 Free resinfo even if opcookie is the last owner re25: • cbc06de6 by Ondřej Kuzník at 2022-01-18T23:07:47+00:00 ITS#8039 Free resinfo even if opcookie is the last owner -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 5972] Send newCookie sync info messages
by openldap-its＠openldap.org 18 Jan '22

18 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=5972 --- Comment #7 from Quanah Gibson-Mount <quanah(a)openldap.org> --- head: • 4b18c2be by Ondřej Kuzník at 2022-01-18T03:34:27+00:00 ITS#5972 Consider all deletes for syncInfo messages RE26: • 329c92bd by Ondřej Kuzník at 2022-01-18T23:00:30+00:00 ITS#5972 Consider all deletes for syncInfo messages -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7239] slapo-accesslog: not all write operations logged with 'logops all'
by openldap-its＠openldap.org 18 Jan '22

18 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=7239 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |PARTIAL Status|UNCONFIRMED |RESOLVED -- You are receiving this mail because: You are on the CC list for the issue.

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs