Kyle Blaney wrote:
Pierangelo,
Thanks for your help so far.
In attempting to reproduce my problem with a minimal slapd.conf that I could post, I am now encountering a slightly different problem related to the unique overlay. In particular, I get an LDAP constraint violation when attempting to add an entry that should be allowed.
Here's my complete slapd.conf:
ucdata-path data include schema/core.schema include schema/cosine.schema include schema/inetorgperson.schema include schema/nortel.schema backend bdb database bdb overlay unique unique_uri ldap:///?uid?sub?(sn=e*) suffix "dc=Nortel,dc=com" rootdn "cn=Administrator,dc=Nortel,dc=com" rootpw adminpwd directory data index sn eq,sub index cn eq,sub
Here are the steps to reproduce my current problem (all modifications are made using the configured rootdn):
- Add an entry with uid=a and sn=e.
- Add a second entry with uid=a and sn=f.
The second entry is not added. Instead, OpenLDAP returns error code 19 (constraint violation) with a message of "some attributes are not unique". When I comment out the unique_uri line in slapd.conf and restart slapd, the second entry can be added successfully.
Have I configured something incorrectly?
The overlay part should go after all the database part, i.e.
database bdb suffix "dc=Nortel,dc=com" rootdn "cn=Administrator,dc=Nortel,dc=com" rootpw adminpwd directory data index sn eq,sub index cn eq,sub
overlay unique unique_uri ldap:///?uid?sub?(sn=e*)
so the overlay configuration can properly check dependencies on database data. Don't know whether this fixes your issue, though.
p.