Quanah Gibson-Mount wrote:
--On Tuesday, October 03, 2006 8:49 PM -0400 Robert Petkus rpetkus@bnl.gov wrote:
slapcat ldifs (slapcat -n 2 -l ldap.ldif) are polluted with accesslog entries that *replace* the original entries. For example, my account dn won't include, say, sshPublicKey, but I'd see a reqMod entry with this attribute.
First, I'd make life simpler by listing the monitoring database last.
Second, your slapcat by definition dumps the accesslog database, not your main database, since your databases are:
1: monitor 2: cn=changelog 3: dc=bnl,dc=gov
Or at least, that's my guess, and it seems to go with what you note. Or, you could change your slapcat to use "-b dc=bnl,dc=gov" which would be more explicit. That is, of course, assuming that you want to dump your main DB and not the accesslog DB. ;)
Yeah it would be convenient if I was that dumb ;) , but I had tried "-b", -n3, removing the accesslog db entries in slapd.conf and rerunning slapcat. All with the same results -- most of the main DB with a bunch of accesslog DB garbage. What is dogging me *so* much here is that these are 2 distinct physical databases.
This is an example of the garbage I got yesterday from a slapcat for my user (an illustration that some attributes are not attached to the main DB but instead the accesslog DB, yet ldapsearchable to the main DB):
Cheers, Robert
***********ldapsearch results*****************
# rpetkus, People, racf.bnl.gov dn: uid=rpetkus,ou=People,dc=stuff,dc=bnl,dc=gov uid: rpetkus cn: Robert Petkus objectClass: inetOrgPerson objectClass: posixAccount objectClass: top objectClass: racf objectClass: ldapPublicKey uidNumber: number gidNumber: number homeDirectory: /somewhere/rpetkus loginShell: /bin/bash gidNumberAtlas: number homeDirectoryAtlas: /somewhere/rpetkus experiment: RHIC/USATLAS sn: rapetkus employeeNumber: number loginShellGateway: /bin/rbash employeeStatus: Active gecos: Robert Petkus sshPublicKey: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA36Y8jfKTKJgphUO30oaI9W5QVRUg 8+fM0FFYIkaiZUuaXBYpKaIiguUcQsy+3P+KjBTI0g1Qr3gewO20S0T4i8pDX1XasdfasdftDvNxbz3w se4V+PPGQ/Bm4DXTjGRoMVNBABIoqWo3vYOVCvKasdfasdfId5q6oStWrNuNmpV48=
******Here is the slapcat for my user**************
dn: uid=rpetkus,ou=People,dc=racf,dc=bnl,dc=gov uid: rpetkus cn: Robert Petkus objectClass: inetOrgPerson objectClass: posixAccount objectClass: top objectClass: racf uidNumber: number gidNumber: number homeDirectory: /somewhere/rpetkus loginShell: /bin/bash gidNumberAtlas: number homeDirectoryAtlas: /somewhere/rpetkus experiment: RHIC/USATLAS structuralObjectClass: inetOrgPerson entryUUID: 689ce5e4-010f-102a-8eef-9882d4436e05 creatorsName: cn=account,dc=bnl,dc=gov createTimestamp: 20051214170418Z sn: rapetkus userPassword:: employeeNumber: number loginShellGateway: /bin/rbash sshPublicKey: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA36Y8jfKTKJgphUO30oaI9W5QVRUg 8+fM0FFYIkaiZUuaXBYpKaIiguUcQsy+3P+KjBTI0g1Qr3gewO20S0T4i8pDX1XZELCHtDvNxbz3w se4V+PPGQ/Bm4DXTjGRoMVNBABIoqWo3vYOVCvKReqWx5hc9Id5q6oStWrNuNmpV48= rpetkus@r sec00 employeeStatus: Active gecos: Robert Petkus 1 entryCSN: 20060906145341Z#000000#00#000000 modifiersName: cn=Manager,dc=bnl,dc=gov modifyTimestamp: 20060906145341Z
dn: reqStart=20060920134512.000000Z,cn=changelog objectClass: auditModify structuralObjectClass: auditModify reqStart: 20060920134512.000000Z reqEnd: 20060920134512.000001Z reqType: modify reqSession: 423 reqAuthzID: cn=Manager,dc=bnl,dc=gov reqDN: uid=rpetkus,ou=People,dc=racf,dc=bnl,dc=gov reqResult: 0 reqMod: sshPublicKey:= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA36Y8jfKTKJgphUO30oaI9W5QVRUg 8+fM0FFYIkaiZUuaXBYpKaIiguUcQsy+3P+KjBTI0g1Qr3gewO20S0T4i8pDXasdfasdftDvNxbz3w se4V+PPGQ/Bm4DXTjGRoMVNBABIoqWo3vYOVCvKasdfasdfId5q6oStWrNuNmpV48= reqMod: entryCSN:= 20060920134512Z#000000#00#000000 reqMod: modifiersName:= cn=account,dc=bnl,dc=gov reqMod: modifyTimestamp:= 20060920134512Z entryUUID: fb865d9c-dcf9-102a-8a91-e5d2e62e4f1a creatorsName: cn=changelog createTimestamp: 20060920134512Z entryCSN: 20060920134512Z#000000#00#000000 modifiersName: cn=changelog modifyTimestamp: 20060920134512Z
--Quanah
-- Quanah Gibson-Mount Principal Software Developer ITS/Shared Application Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html