I'm trying to initialize a DIT. This is the error I get:
root@tpro:/var/lib/ldap# slapadd -v -n 2 -l tproca1st.ldif PROXIED attributeDescription "DC" inserted. hdb_monitor_db_open: monitoring disabled; configure monitor database to enable slapadd: dn="DC=tpro,DC=ca" (line=1): (64) naming attribute 'DC' is obsolete
root@tpro:/var/lib/ldap# cat tproca1st.ldif dn: dc=tpro,dc=ca objectClass: top objectClass: dcObject objectClass: organization o: My test Orga dc: tpro
root@tpro:/var/lib/ldap# slapcat -b cn=config ... dn: olcDatabase={2}hdb,cn=config objectClass: olcDatabaseConfig objectClass: olcHdbConfig olcDatabase: {2}hdb olcSuffix: DC=tpro,DC=ca olcLastMod: TRUE olcMaxDerefDepth: 15 olcReadOnly: FALSE olcMonitoring: TRUE olcDbDirectory: /var/lib/ldap/tproca olcDbCacheSize: 1000 olcDbCheckpoint: 512 30 olcDbConfig: {0}set_cachesize 0 4194304 0 olcDbConfig: {1}set_lk_max_objects 1500 olcDbConfig: {2}set_lk_max_locks 1500 olcDbConfig: {3}set_lk_max_lockers 1500 olcDbNoSync: FALSE olcDbDirtyRead: FALSE olcDbIDLcacheSize: 0 olcDbLinearIndex: FALSE olcDbMode: 384 olcDbSearchStack: 16 olcDbShmKey: 0 olcDbCacheFree: 1 olcDbDNcacheSize: 0 structuralObjectClass: olcHdbConfig entryUUID: 140c5ffc-f953-102c-9659-bb5cef3694ca creatorsName: cn=config createTimestamp: 20080808050326Z olcDbIndex: objectClass eq olcDbIndex: mail eq olcAccess: {0}to dn.subtree="ou=users,dc=tpro,dc=ca" filter="(objectClass=sldM ailRecipient)" attrs=mail,sldMailbox,userPassword by dn="cn=dovecot,dc=tpro,dc=ca" read by * break olcAccess: {1}to attrs=entry,uid,objectClass by dn.base="cn=dn-search,dc=tpro,dc=ca" read by * break olcAccess: {2}to attrs=userPassword,shadowLastChange by dn.base="cn=admin,dc= tpro,dc=ca" write by anonymous auth by self write by * none olcAccess: {3}to dn.base="" by * read olcAccess: {4}to * by dn.base="cn=admin,dc=tpro,dc=ca" write by * read entryCSN: 20080818145521.939111Z#000000#000#000000 modifiersName: cn=admin,DC=tpro,DC=ca modifyTimestamp: 20080820145521Z
I'm using Ubuntu package for slapd 2.4.11.
Any hints?
Regards, maykel
I'm curious why the error says "DC= " yet your file says "dc=" The case mismatch is interesting, however, should not matter.
PROXIED attribute DC inserted is more of what I'm interested in. Is this server setup with replication by chance already? If so, you will want to turn that off before you initialize it otherwise that could get in the way. Or, do you have referrals setup already? (didn't see them in the config).
Sellers
On Aug 21, 2008, at 11:19 AM, Maykel Moya wrote:
I'm trying to initialize a DIT. This is the error I get:
root@tpro:/var/lib/ldap# slapadd -v -n 2 -l tproca1st.ldif PROXIED attributeDescription "DC" inserted. hdb_monitor_db_open: monitoring disabled; configure monitor database to enable slapadd: dn="DC=tpro,DC=ca" (line=1): (64) naming attribute 'DC' is obsolete
root@tpro:/var/lib/ldap# cat tproca1st.ldif dn: dc=tpro,dc=ca objectClass: top objectClass: dcObject objectClass: organization o: My test Orga dc: tpro
root@tpro:/var/lib/ldap# slapcat -b cn=config ... dn: olcDatabase={2}hdb,cn=config objectClass: olcDatabaseConfig objectClass: olcHdbConfig olcDatabase: {2}hdb olcSuffix: DC=tpro,DC=ca olcLastMod: TRUE olcMaxDerefDepth: 15 olcReadOnly: FALSE olcMonitoring: TRUE olcDbDirectory: /var/lib/ldap/tproca olcDbCacheSize: 1000 olcDbCheckpoint: 512 30 olcDbConfig: {0}set_cachesize 0 4194304 0 olcDbConfig: {1}set_lk_max_objects 1500 olcDbConfig: {2}set_lk_max_locks 1500 olcDbConfig: {3}set_lk_max_lockers 1500 olcDbNoSync: FALSE olcDbDirtyRead: FALSE olcDbIDLcacheSize: 0 olcDbLinearIndex: FALSE olcDbMode: 384 olcDbSearchStack: 16 olcDbShmKey: 0 olcDbCacheFree: 1 olcDbDNcacheSize: 0 structuralObjectClass: olcHdbConfig entryUUID: 140c5ffc-f953-102c-9659-bb5cef3694ca creatorsName: cn=config createTimestamp: 20080808050326Z olcDbIndex: objectClass eq olcDbIndex: mail eq olcAccess: {0}to dn.subtree="ou=users,dc=tpro,dc=ca" filter="(objectClass=sldM ailRecipient)" attrs=mail,sldMailbox,userPassword by dn="cn=dovecot,dc=tpro,dc=ca" read by * break olcAccess: {1}to attrs=entry,uid,objectClass by dn.base="cn=dn-search,dc=tpro,dc=ca" read by * break olcAccess: {2}to attrs=userPassword,shadowLastChange by dn.base="cn=admin,dc= tpro,dc=ca" write by anonymous auth by self write by * none olcAccess: {3}to dn.base="" by * read olcAccess: {4}to * by dn.base="cn=admin,dc=tpro,dc=ca" write by * read entryCSN: 20080818145521.939111Z#000000#000#000000 modifiersName: cn=admin,DC=tpro,DC=ca modifyTimestamp: 20080820145521Z
I'm using Ubuntu package for slapd 2.4.11.
Any hints?
Regards, maykel
++++++++++++++++++++++++++++++++++++++ Chris G. Sellers | Internet Engineer | NITLE 734.661.2318 | chris.sellers@nitle.org Jabber: csellers@nitle.org | AIM: imthewherd
Chris G. Sellers wrote:
I'm curious why the error says "DC= " yet your file says "dc=" The case mismatch is interesting, however, should not matter.
PROXIED attribute DC inserted is more of what I'm interested in. Is this server setup with replication by chance already? If so, you will want to turn that off before you initialize it otherwise that could get in the way. Or, do you have referrals setup already? (didn't see them in the config).
The fact that DC is proxied means that the server did not get fed with appropriate schema info.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: ando@sys-net.it -----------------------------------
On jue, 2008-08-21 at 22:43 +0200, Pierangelo Masarati wrote:
Chris G. Sellers wrote:
I'm curious why the error says "DC= " yet your file says "dc=" The case mismatch is interesting, however, should not matter.
PROXIED attribute DC inserted is more of what I'm interested in. Is this server setup with replication by chance already? If so, you will want to turn that off before you initialize it otherwise that could get in the way. Or, do you have referrals setup already? (didn't see them in the config).
The fact that DC is proxied means that the server did not get fed with appropriate schema info.
p.
I though it would has something to do with some db corruption. I'd have to cold reboot my machine in some ocassions.
After a db4.2_recover with exit status 0 I was more intrigued.
Then I regenerate another cn=config and did a diff. Most of diff chunk are related to {create,modify}Timestamp operation attributes. Other are sustitutions like s/1.3.6.1.4.1.1466.115.121.1.27/OMsInteger/ and so.
These ones called my attention.
---- diff -urN slapd.d-200809151220/cn=config/cn=schema.ldif slapd.d/cn=config/cn=schema.ldif --- slapd.d-200809151220/cn=config/cn=schema.ldif 2008-08-05 15:24:49.000000000 -0400 +++ slapd.d/cn=config/cn=schema.ldif 2008-09-15 12:20:44.000000000 -0400 @@ -106,9 +106,9 @@ olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.10 NAME 'monitorContext' DESC 'mon itor context' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIF ICATION USAGE dSAOperation ) -olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.1.1 NAME 'configContext' DESC 'co - nfig context' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIF - ICATION USAGE dSAOperation ) +olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.1 NAME 'configContext' DESC 'conf + ig context' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFIC + ATION USAGE dSAOperation ) ----
---- @@ -725,7 +714,7 @@ d configuration' SUP olcDatabaseConfig STRUCTURAL ) olcObjectClasses: ( OLcfgOvOc:1.1 NAME 'olcSyncProvConfig' DESC 'SyncRepl Prov ider configuration' SUP olcOverlayConfig STRUCTURAL MAY ( olcSpCheckpoint $ o - lcSpSessionlog $ olcSpNoPresent ) ) + lcSpSessionlog $ olcSpNoPresent $ olcSpReloadHint ) ) olcObjectClasses: ( OLcfgOvOc:4.1 NAME 'olcAccessLogConfig' DESC 'Access log c onfiguration' SUP olcOverlayConfig STRUCTURAL MUST olcAccessLogDB MAY ( olcAc cessLogOps $ olcAccessLogPurge $ olcAccessLogSuccess $ olcAccessLogOld $ olcA ----
Does the trailing '/' here is relevant? ---- diff -urN slapd.d-200809151220/cn=config.ldif slapd.d/cn=config.ldif --- slapd.d-200809151220/cn=config.ldif 2008-08-26 13:02:55.000000000 -0400 +++ slapd.d/cn=config.ldif 2008-09-15 12:20:44.000000000 -0400 @@ -1,8 +1,8 @@ dn: cn=config objectClass: olcGlobal cn: config -olcConfigFile: slapd.conf -olcConfigDir: slapd.d/ +olcConfigFile: __slapd.__conf +olcConfigDir: slapd.d ----
--------------------------------------- Red Telematica de Salud - Cuba CNICM - Infomed
Maykel Moya wrote:
On jue, 2008-08-21 at 22:43 +0200, Pierangelo Masarati wrote:
Chris G. Sellers wrote:
I'm curious why the error says "DC= " yet your file says "dc=" The case mismatch is interesting, however, should not matter.
PROXIED attribute DC inserted is more of what I'm interested in. Is this server setup with replication by chance already? If so, you will want to turn that off before you initialize it otherwise that could get in the way. Or, do you have referrals setup already? (didn't see them in the config).
The fact that DC is proxied means that the server did not get fed with appropriate schema info.
p.
I though it would has something to do with some db corruption. I'd have to cold reboot my machine in some ocassions.
After a db4.2_recover with exit status 0 I was more intrigued.
Then I regenerate another cn=config and did a diff. Most of diff chunk are related to {create,modify}Timestamp operation attributes. Other are sustitutions like s/1.3.6.1.4.1.1466.115.121.1.27/OMsInteger/ and so.
These ones called my attention.
diff -urN slapd.d-200809151220/cn=config/cn=schema.ldif slapd.d/cn=config/cn=schema.ldif --- slapd.d-200809151220/cn=config/cn=schema.ldif 2008-08-05 15:24:49.000000000 -0400 +++ slapd.d/cn=config/cn=schema.ldif 2008-09-15 12:20:44.000000000 -0400 @@ -106,9 +106,9 @@ olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.10 NAME 'monitorContext' DESC 'mon itor context' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIF ICATION USAGE dSAOperation ) -olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.1.1 NAME 'configContext' DESC 'co
- nfig context' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE
NO-USER-MODIF
- ICATION USAGE dSAOperation )
+olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.1 NAME 'configContext' DESC 'conf
- ig context' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE
NO-USER-MODIFIC
- ATION USAGE dSAOperation )
@@ -725,7 +714,7 @@ d configuration' SUP olcDatabaseConfig STRUCTURAL ) olcObjectClasses: ( OLcfgOvOc:1.1 NAME 'olcSyncProvConfig' DESC 'SyncRepl Prov ider configuration' SUP olcOverlayConfig STRUCTURAL MAY ( olcSpCheckpoint $ o
- lcSpSessionlog $ olcSpNoPresent ) )
- lcSpSessionlog $ olcSpNoPresent $ olcSpReloadHint ) )
olcObjectClasses: ( OLcfgOvOc:4.1 NAME 'olcAccessLogConfig' DESC 'Access log c onfiguration' SUP olcOverlayConfig STRUCTURAL MUST olcAccessLogDB MAY ( olcAc cessLogOps $ olcAccessLogPurge $ olcAccessLogSuccess $ olcAccessLogOld $ olcA
Does the trailing '/' here is relevant?
diff -urN slapd.d-200809151220/cn=config.ldif slapd.d/cn=config.ldif --- slapd.d-200809151220/cn=config.ldif 2008-08-26 13:02:55.000000000 -0400 +++ slapd.d/cn=config.ldif 2008-09-15 12:20:44.000000000 -0400 @@ -1,8 +1,8 @@ dn: cn=config objectClass: olcGlobal cn: config -olcConfigFile: slapd.conf -olcConfigDir: slapd.d/ +olcConfigFile: __slapd.__conf
+olcConfigDir: slapd.d
Red Telematica de Salud - Cuba CNICM - Infomed
Most of those differences seem to be related to upgrading across non-trivial database upgrades (schema promoted from experimental to release (s/666/1/) and so. I am unsure about how backward-compatible back-config is, especially in those cases. It shouldn't care, since most of the above issues are related to hardcoded pieces of schema, which cannot be overridden by their on-disk representation. Probably, the whole thing should be audited, to assess if there is any issue.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: ando@sys-net.it -----------------------------------
openldap-software@openldap.org
-
Chris G. Sellers -
Maykel Moya -
Pierangelo Masarati