Thank you for replying. Currently the man page of slapo-unique says "enforce uniqueness", which I find misleading. Would it be possible to change it to say "makes the best effort to enforce uniqueness" or something to that effect? Also, is there any way to enforce this especially for indexed attributes? I imagine you could lock the index file?
Regards, Magne Land
On 1/24/09 1:21 AM, "Pierangelo Masarati" ando@sys-net.it wrote:
Magne Land wrote:
I am using OpenLDAP 2.3.43 with BDB 4.5.20 and recently encountered a problem where two different entries were created with the same mail attribute value. The problem is that the mail attribute was defined as unique in slapd.conf: index mail eq,sub overlay unique unique_attributes mail
The two similar entries were created about 300 milliseconds apart. To add to the confusion, an ldapsearch for the same mail value occurred at roughly the same time.
So far I have not been able to reproduce this, which indicates that it is a race condition.
I hope someone can help me, or direct me to some documentation.
There is no guarantee of DSA-wide or even database-wide atomicity in write operations, including internal ones. This was never even intended to be in place. This is a known design limitation not only of slapo-unique, but also of slapd (and, I'd say, of LDAP itself).
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: ando@sys-net.it -----------------------------------