Hi,
I am running OpenLDAP 2.2.13 on a CentOS 4.1 box (I am using the CentOS ldap rpm)...
I have come across an issue, that I cannot seem to find the answer for anywhere!...
The problem is that an entry has some how been removed from LDAP well, according to phpLDAPadmin and also ldapsearch.
mytestentry _used to be_ in LDAP... it has now "gone?"
I am using the following ldapsearch string..
ldapsearch -x -b "dc=tree,dc=internal,dc=company,dc=co,dc=nz" "uid=mytestentry"
results in:
# extended LDIF # # LDAPv3 # base <dc=tree,dc=internal,dc=company,dc=co,dc=nz> with scope sub # filter: uid=mytestentry # requesting: ALL #
# search result search: 2 result: 0 Success
# numResponses: 1
However, if I try to add this entry to LDAP using ldapadd
ldapadd -x -D "cn=admin,dc=tree,dc=internal,dc=company,dc=co,dc=nz" -W -f mytestentry.ldif
I get:
adding new entry "uid=mytestentry,ou=Testing,dc=tree,dc=internal,dc=company,dc=co,dc=nz" ldap_add: Already exists (68)
mytestentry.ldif contains:
dn: uid=mytestentry,ou=Testing,dc=tree,dc=internal,dc=company,dc=co,dc=nz uid: mytestentry objectClass: account objectClass: top objectClass: simpleSecurityObject userPassword: {crypt}$1$wveq.Q8L6Hv$aYl5/TmfhgxC0Zs2F41
I have a few questions:
1) Why would this entry be removed? 2) Why when I try and add the entry, it says that it exists? 3) Is there a way to fix it? 4) Am I doing something wrong?
Thanks Antonio Broughton
On Thursday 02 November 2006 14:17, Antonio Broughton wrote:
Hi,
I am running OpenLDAP 2.2.13 on a CentOS 4.1 box (I am using the CentOS ldap rpm)...
I have come across an issue, that I cannot seem to find the answer for anywhere!...
The problem is that an entry has some how been removed from LDAP well, according to phpLDAPadmin and also ldapsearch.
mytestentry _used to be_ in LDAP... it has now "gone?"
I am using the following ldapsearch string..
ldapsearch -x -b "dc=tree,dc=internal,dc=company,dc=co,dc=nz" "uid=mytestentry"
results in:
# extended LDIF # # LDAPv3 # base <dc=tree,dc=internal,dc=company,dc=co,dc=nz> with scope sub # filter: uid=mytestentry # requesting: ALL #
# search result search: 2 result: 0 Success
# numResponses: 1
However, if I try to add this entry to LDAP using ldapadd
ldapadd -x -D "cn=admin,dc=tree,dc=internal,dc=company,dc=co,dc=nz" -W -f mytestentry.ldif
I get:
adding new entry "uid=mytestentry,ou=Testing,dc=tree,dc=internal,dc=company,dc=co,dc=nz" ldap_add: Already exists (68)
mytestentry.ldif contains:
dn: uid=mytestentry,ou=Testing,dc=tree,dc=internal,dc=company,dc=co,dc=nz uid: mytestentry objectClass: account objectClass: top objectClass: simpleSecurityObject userPassword: {crypt}$1$wveq.Q8L6Hv$aYl5/TmfhgxC0Zs2F41
I have a few questions:
Looks like a corrupt index. I had that a couple times in the past.
- Why would this entry be removed?
It's not removed, just missing from the index.
- Why when I try and add the entry, it says that it exists?
Because it's still there in the DB.
- Is there a way to fix it?
Reindex you DB. Stop slapd, remove all the indexes and run slapindex. Or slapcat/slapadd you DB (that's what I used to do).
- Am I doing something wrong?
You're using an outdated version, upgrade to 2.3.28 and if by chance you're using ldbm as your backend, switch to bdb or hdb! Most of these cases I remember I had with ldbm, I can't remember any case with bdb (but that doesn't mean it can't happen with bdb).
Karsten.
Karsten Künne wrote:
On Thursday 02 November 2006 14:17, Antonio Broughton wrote:
I have a few questions:
Looks like a corrupt index. I had that a couple times in the past.
- Why would this entry be removed?
It's not removed, just missing from the index.
- Why when I try and add the entry, it says that it exists?
Because it's still there in the DB.
- Is there a way to fix it?
Reindex you DB. Stop slapd, remove all the indexes and run slapindex. Or slapcat/slapadd you DB (that's what I used to do).
I ran slapindex, but... it still occurs
- Am I doing something wrong?
You're using an outdated version, upgrade to 2.3.28 and if by chance you're using ldbm as your backend, switch to bdb or hdb! Most of these cases I remember I had with ldbm, I can't remember any case with bdb (but that doesn't mean it can't happen with bdb).
Karsten.
I am using BDB as the backend...
Also, when I run slapcat, it also results in there being no data for the entry!
Also, this is not a permissions issue, as using the admin user... I am still unable to locate "mytestentry"
-- Antonio Broughton
Antonio Broughton antonio@flerwin.net writes:
Hi,
I am running OpenLDAP 2.2.13 on a CentOS 4.1 box (I am using the CentOS ldap rpm)...
I have come across an issue, that I cannot seem to find the answer for anywhere!...
The problem is that an entry has some how been removed from LDAP well, according to phpLDAPadmin and also ldapsearch.
mytestentry _used to be_ in LDAP... it has now "gone?"
I am using the following ldapsearch string..
ldapsearch -x -b "dc=tree,dc=internal,dc=company,dc=co,dc=nz" "uid=mytestentry"
[...]
adding new entry "uid=mytestentry,ou=Testing,dc=tree,dc=internal,dc=company,dc=co,dc=nz" ldap_add: Already exists (68)
I have a few questions:
- Why would this entry be removed?
- Why when I try and add the entry, it says that it exists?
- Is there a way to fix it?
- Am I doing something wrong?
The entry has not been removed, it seems that your access rules do not allow anonymous read on this object.
-Dieter
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160
I have the same problem. In my case the entry still exists but, the uid is not longer in the index.
Until now I have no solution for the underlying problem, but you can easily rebuild your index with slapreindex.
You can try to search by an other attribute than uid to verify that the entry still exists.
Dieter Kluenter schrieb:
Antonio Broughton antonio@flerwin.net writes:
Hi,
I am running OpenLDAP 2.2.13 on a CentOS 4.1 box (I am using the CentOS ldap rpm)...
I have come across an issue, that I cannot seem to find the answer for anywhere!...
The problem is that an entry has some how been removed from LDAP well, according to phpLDAPadmin and also ldapsearch.
mytestentry _used to be_ in LDAP... it has now "gone?"
I am using the following ldapsearch string..
ldapsearch -x -b "dc=tree,dc=internal,dc=company,dc=co,dc=nz" "uid=mytestentry"
[...]
adding new entry "uid=mytestentry,ou=Testing,dc=tree,dc=internal,dc=company,dc=co,dc=nz" ldap_add: Already exists (68)
I have a few questions:
- Why would this entry be removed?
- Why when I try and add the entry, it says that it exists?
- Is there a way to fix it?
- Am I doing something wrong?
The entry has not been removed, it seems that your access rules do not allow anonymous read on this object.
-Dieter
- -- Hochschule der Medien Studiengang Informationsdesign Wolframstrasse 32
D-70191 Stuttgart ++49 (0)711 25706 114
openldap-software@openldap.org
-
Antonio Broughton -
David Pruem -
Dieter Kluenter -
Karsten Künne