Full_Name: Emmanuel Lecharny
Submission from: (NULL) (18.104.22.168)
The olcSuffix AT, which is not declared as SINGLE-VALUED, does not support more
than one value. Per se, the definition of this AT should be explicit about it.
No. The attribute is not single-valued, but individual backend implementations
may only allow a single suffix.
However, this is not the main issue.
Trying to modify its value using such a LDIF file :
leads to an error :
#!ERROR [LDAP: error code 80 -<olcSuffix> Only one suffix is allowed on this
It seems that there is an internal check that is done to insure that the
olcSuffix does not contain more than one value, bypassing the AT definition, and
that this check is not correctly done when a modify operation is sent.
Thanks for the report, now fixed in master.
Deleting the olcSuffix AT and injcting a new one works.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/