[Issue 6899] Read Entry Control response value is not compliant to definition of SearchResultEntry
https://bugs.openldap.org/show_bug.cgi?id=6899
--- Comment #11 from Mehmet gelisin mehmetgelisin@aol.com ---
Note that with assertion control always
Operations error: "unique_search failed" is returned even if the attribute values http://www-look-4.com/ are unique.
I'd really like to get this solved. web2ldap makes use of the assertion control to ensure that an entry has not been changed since being edited by the user. Otherwise I have to implement another vendor-specific hack http://www.compilatori.com/ switching off this feature when OpenLDAP is used as server. :-(
First step toward a solution would be providing slapd -d output for the problem. Probably a sample config would help too. http://www.wearelondonmade.com/
(Sigh! Did anybody actually read through my report?) http://www.jopspeech.com/ Take any slapd.conf with database hdb and add these lines (no other overlays configured):
overlay unique unique_attributes uid uidNumber employeeNumber http://joerg.li/
Or any other LDAP-URL-based unique constraint...
Then apply a LDIF change record (example below) which contains any of the http://connstr.net/ attributes defined as unique (no matter whether unique constraint is violated or not).
------------------------------- snip ------------------------------- dn: cn=Anna Blume,ou=Users,ou=schulung,dc=stroeder,dc=local changetype: modify replace: employeeNumber http://embermanchester.uk/ employeeNumber: 456 -
------------------------------- snip -------------------------------
Try these commands (bind-DN is the rootdn here): http://www.slipstone.co.uk/ Without assertion control it works: $ ldapmodify -H ldap://localhost:2071 -D "uid=diradm,ou=schulung,dc=stroeder,dc=local" -w testsecret -f unique.ldif modifying entry "cn=Anna Blume,ou=Users,ou=schulung,dc=stroeder,dc=local" http://www.logoarts.co.uk/ Assertion control just contains objectClass filter: $ ldapmodify -H ldap://localhost:2071 -D "uid=diradm,ou=schulung,dc=stroeder,dc=local" -w testsecret -f unique.ldif -e 'assert=(objectClass=*)' modifying entry "cn=Anna Blume,ou=Users,ou=schulung,dc=stroeder,dc=local" http://www.acpirateradio.co.uk/ This fails: $ ldapmodify -H ldap://localhost:2071 -D "uid=diradm,ou=schulung,dc=stroeder,dc=local" -w testsecret -f unique.ldif -e 'assert=(cn=*)'modifying entry "cn=Anna Blume,ou=Users,ou=schulung,dc=stroeder,dc=local" ldap_modify: Operations error (1) additional info: unique_search failed
Note that with assertion control always
Operations error: "unique_search failed" https://waytowhatsnext.com/ is returned even if the attribute values are unique.
I'd really like to get this solved. web2ldap makes use of the assertion control to ensure that an entry has not been changed since being edited by the user. Otherwise I have to implement another vendor-specific hack switching off this feature when OpenLDAP is used as server. :-(
First step toward a solution would be providing slapd -d output for the problem. Probably a sample config would help too. https://www.webb-dev.co.uk/
(Sigh! Did anybody actually read through my report?)
Take any slapd.conf with database hdb and add these lines (no other overlays configured):
overlay unique unique_attributes uid uidNumber employeeNumber
Or any other LDAP-URL-based unique constraint...
Then apply a LDIF change record (example below) which contains any of the attributes defined as unique (no matter whether unique constraint is violated or not).
------------------------------- snip ------------------------------- dn: cn=Anna Blume,ou=Users,ou=schulung,dc=stroeder,dc=local changetype: modify replace: employeeNumber employeeNumber: 456 -
------------------------------- snip -------------------------------
Try these commands (bind-DN is the rootdn here):
Without assertion control it works: $ ldapmodify -H ldap://localhost:2071 -D http://www.iu-bloomington.com/ "uid=diradm,ou=schulung,dc=stroeder,dc=local" -w testsecret -f unique.ldif modifying entry "cn=Anna Blume,ou=Users,ou=schulung,dc=stroeder,dc=local"
Assertion control just contains objectClass filter: $ ldapmodify -H ldap://localhost:2071 -D
-
openldap-its@openldap.org