elecharny@apache.org wrote:
Full_Name: Emmanuel Lecharny Version: 2.4.24 OS: Ubuntu URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (78.226.4.211)
The olcSuffix AT, which is not declared as SINGLE-VALUED, does not support more than one value. Per se, the definition of this AT should be explicit about it.
No. The attribute is not single-valued, but individual backend implementations may only allow a single suffix.
However, this is not the main issue.
Trying to modify its value using such a LDIF file :
dn: olcDatabase={3}ldif,cn=config changetype: modify delete: olcSuffix olcSuffix: cn=test2
add: olcSuffix olcSuffix: cn=test3
leads to an error : #!ERROR [LDAP: error code 80 -<olcSuffix> Only one suffix is allowed on this ldif backend]
It seems that there is an internal check that is done to insure that the olcSuffix does not contain more than one value, bypassing the AT definition, and that this check is not correctly done when a modify operation is sent.
Thanks for the report, now fixed in master.
Deleting the olcSuffix AT and injcting a new one works.