Hi everybody, I have setup a ldap proxy cache (2.3.34), but somehow I cannot write into the proxy database. When I first search into the directory, I get the following in the log file: slapd[450]: QUERY NOT ANSWERABLE slapd[450]: QUERY CACHEABLE
This tells me that at least the proxyTemplate is set up correctly, then I run the second time the search command, and I get:
slapd[518]: QUERY ANSWERABLE
I suppose ldap found in the cache the search output, but I get no result. After searching a little bit, I also found this messages, after the first search:
==> bdb_add: uid=dummy,ou=People,dc=cscs,dc=com bdb_add: entry failed op attrs add: no structural object class provided (65) send_ldap_result: conn=2 op=1 p=3 send_ldap_result: err=65 matched="" text="no structural object class provided" ENTRY ADDED/MERGED, CACHED ENTRIES=0
Somehow I cannot write into the directory..
this is my slapd.conf file:
include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema
pidfile /usr/local/openldap/var/run/slapd.pid argsfile /usr/local/openldap/var/run/slapd.args
loglevel -1 threads 8 idletimeout 240
lastmod off
database ldap suffix "ou=people,dc=cscs,dc=com" rootdn "cn=ldapadm,dc=cscs,dc=com" uri ldap://ldap2.cscs.com/ou=people%2cdc=cscs%2cdc=com
overlay pcache proxyCache bdb 100000 2 1000 60
proxyAttrset 0 uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass proxyAttrset 1 cn userPassword memberUid uniqueMember gidNumber
proxyTemplate (&(objectClass=)(uid=)(description=)) 0 300 proxyTemplate (&(objectClass=)(uidNumber=)(description=)) 0 300 proxyTemplate (&(objectClass=)(description=)) 0 300
proxyTemplate (&(objectClass=)(cn=)) 1 300 proxyTemplate (&(objectClass=)) 1 300 proxyTemplate (&(objectClass=)(gidNumber=)) 1 300 proxyTemplate (&(objectClass=)(memberUid=)) 1 300
cachesize 50000 directory /usr/local/openldap/var/openldap-data
index objectClass eq index uid eq index uidNumber eq index gidNumber eq index memberUid eq index description eq index cn pres,eq,sub
Can anybody help me? Thanks in advance, Amos
Amos Castelli wrote:
Hi everybody, I have setup a ldap proxy cache (2.3.34), but somehow I cannot write into the proxy database. When I first search into the directory, I get the following in the log file: slapd[450]: QUERY NOT ANSWERABLE slapd[450]: QUERY CACHEABLE
This tells me that at least the proxyTemplate is set up correctly, then I run the second time the search command, and I get:
slapd[518]: QUERY ANSWERABLE
I suppose ldap found in the cache the search output, but I get no result. After searching a little bit, I also found this messages, after the first search:
==> bdb_add: uid=dummy,ou=People,dc=cscs,dc=com bdb_add: entry failed op attrs add: no structural object class provided (65) send_ldap_result: conn=2 op=1 p=3 send_ldap_result: err=65 matched="" text="no structural object class provided" ENTRY ADDED/MERGED, CACHED ENTRIES=0
Somehow I cannot write into the directory..
Looks like there are two problems; the server you're proxying from is serving entries with an invalid objectclass chain, and the slapd is requiring a valid structural objectclass even though the proxycache implicitly disables schema checking.
The latter problem was fixed in OpenLDAP 2.4. There are no plans to backport the fix to 2.3.
Hi Howard, is there any way to overcome this problem with objectclass mapping/rewriting?
Thanks, Amos
On Wednesday 14 March 2007 22:28, Howard Chu wrote:
Amos Castelli wrote:
Hi everybody, I have setup a ldap proxy cache (2.3.34), but somehow I cannot write into the proxy database. When I first search into the directory, I get the following in the log file: slapd[450]: QUERY NOT ANSWERABLE slapd[450]: QUERY CACHEABLE
This tells me that at least the proxyTemplate is set up correctly, then I run the second time the search command, and I get:
slapd[518]: QUERY ANSWERABLE
I suppose ldap found in the cache the search output, but I get no result. After searching a little bit, I also found this messages, after the first search:
==> bdb_add: uid=dummy,ou=People,dc=cscs,dc=com bdb_add: entry failed op attrs add: no structural object class provided (65) send_ldap_result: conn=2 op=1 p=3 send_ldap_result: err=65 matched="" text="no structural object class provided" ENTRY ADDED/MERGED, CACHED ENTRIES=0
Somehow I cannot write into the directory..
Looks like there are two problems; the server you're proxying from is serving entries with an invalid objectclass chain, and the slapd is requiring a valid structural objectclass even though the proxycache implicitly disables schema checking.
The latter problem was fixed in OpenLDAP 2.4. There are no plans to backport the fix to 2.3.
openldap-software@openldap.org
-
Amos Castelli -
Howard Chu