2:43 a.m.
https://bugs.openldap.org/show_bug.cgi?id=6899
--- Comment #11 from Mehmet gelisin <mehmetgelisin(a)aol.com> ---
Note that with assertion control always
> Operations error: "unique_search failed"
> is returned even if the attribute values http://www-look-4.com/ are unique.
>
> I'd really like to get this solved. web2ldap makes use of the assertion
> control to ensure that an entry has not been changed since being
> edited by the
> user. Otherwise I have to implement another vendor-specific hack
http://www.compilatori.com/
> switching off
> this feature when OpenLDAP is used as server. :-(
First step toward a solution would be providing slapd -d output for the
problem. Probably a sample config would help too. http://www.wearelondonmade.com/
(Sigh! Did anybody actually read through my report?)
http://www.jopspeech.com/
Take any slapd.conf with database hdb and add these lines (no other overlays
configured):
overlay unique
unique_attributes uid uidNumber employeeNumber http://joerg.li/
Or any other LDAP-URL-based unique constraint...
Then apply a LDIF change record (example below) which contains any of the
http://connstr.net/
attributes defined as unique (no matter whether unique constraint is violated
or not).
------------------------------- snip -------------------------------
dn: cn=Anna Blume,ou=Users,ou=schulung,dc=stroeder,dc=local
changetype: modify
replace: employeeNumber http://embermanchester.uk/
employeeNumber: 456
-
------------------------------- snip -------------------------------
Try these commands (bind-DN is the rootdn here):
http://www.slipstone.co.uk/
Without assertion control it works:
$ ldapmodify -H ldap://localhost:2071 -D
"uid=diradm,ou=schulung,dc=stroeder,dc=local" -w testsecret -f unique.ldif
modifying entry "cn=Anna Blume,ou=Users,ou=schulung,dc=stroeder,dc=local"
http://www.logoarts.co.uk/
Assertion control just contains objectClass filter:
$ ldapmodify -H ldap://localhost:2071 -D
"uid=diradm,ou=schulung,dc=stroeder,dc=local" -w testsecret -f unique.ldif -e
'assert=(objectClass=*)'
modifying entry "cn=Anna Blume,ou=Users,ou=schulung,dc=stroeder,dc=local"
http://www.acpirateradio.co.uk/
This fails:
$ ldapmodify -H ldap://localhost:2071 -D
"uid=diradm,ou=schulung,dc=stroeder,dc=local" -w testsecret -f unique.ldif -e
'assert=(cn=*)'modifying entry "cn=Anna
Blume,ou=Users,ou=schulung,dc=stroeder,dc=local"
ldap_modify: Operations error (1)
additional info: unique_search failed
Note that with assertion control always
> Operations error: "unique_search failed" https://waytowhatsnext.com/
> is returned even if the attribute values are unique.
>
> I'd really like to get this solved. web2ldap makes use of the assertion
> control to ensure that an entry has not been changed since being
> edited by the
> user. Otherwise I have to implement another vendor-specific hack
> switching off
> this feature when OpenLDAP is used as server. :-(
First step toward a solution would be providing slapd -d output for the
problem. Probably a sample config would help too. https://www.webb-dev.co.uk/
(Sigh! Did anybody actually read through my report?)
Take any slapd.conf with database hdb and add these lines (no other overlays
configured):
overlay unique
unique_attributes uid uidNumber employeeNumber
Or any other LDAP-URL-based unique constraint...
Then apply a LDIF change record (example below) which contains any of the
attributes defined as unique (no matter whether unique constraint is violated
or not).
------------------------------- snip -------------------------------
dn: cn=Anna Blume,ou=Users,ou=schulung,dc=stroeder,dc=local
changetype: modify
replace: employeeNumber
employeeNumber: 456
-
------------------------------- snip -------------------------------
Try these commands (bind-DN is the rootdn here):
Without assertion control it works:
$ ldapmodify -H ldap://localhost:2071 -D http://www.iu-bloomington.com/
"uid=diradm,ou=schulung,dc=stroeder,dc=local" -w testsecret -f unique.ldif
modifying entry "cn=Anna Blume,ou=Users,ou=schulung,dc=stroeder,dc=local"
Assertion control just contains objectClass filter:
$ ldapmodify -H ldap://localhost:2071 -D
--
You are receiving this mail because:
You are on the CC list for the issue.
753
days inactive
753
days old
0 comments
1 participants
participants (1)
-
openldap-its@openldap.org