Hi all,
I have defined a DIT (LMDB) as follows:

dn: olcDatabase={3}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {3}mdb
olcDbDirectory: /var/lib/ldap/mycompany/o=mycompany
olcSuffix: o=mycompany
olcRootDN: uid=admin,ou=system
olcAccess: {0}to attrs=userPassword,shadowLastChange by dn="uid=admin,ou=system" write by anonymous auth by self write by * none
olcAccess: {1}to * by dn="uid=admin,ou=system" write by * none
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcSyncUseSubentry: FALSE
olcMonitoring: TRUE
olcDbEnvFlags: writemap
olcDbEnvFlags: nometasync
olcDbNoSync: FALSE
olcDbIndex: objectClass pres,eq
olcDbIndex: cn pres,eq,sub
olcDbIndex: uid pres,eq,sub
olcDbIndex: uidNumber pres,eq
olcDbIndex: gidNumber pres,eq
olcDbIndex: mail pres,eq,sub
olcDbIndex: ou pres,eq,sub
olcDbIndex: sn pres,eq,sub
olcDbIndex: givenName pres,eq,sub
olcDbIndex: loginShell pres,eq
olcDbIndex: memberUid pres,eq,sub
olcDbIndex: nisMapName pres,eq,sub
olcDbIndex: nisMapEntry pres,eq,sub
olcDbMaxReaders: 0
olcDbMaxSize: 4294967296
olcDbMode: 0600
olcDbSearchStack: 16

I can add the root entry as:

dn: o=mycompany
objectClass: organization
objectClass: top
o: mycompany

And I can also add and delete sub-entries under o=mycompany. But I cannot delete the root entry o=mycompany, even though there is no sub-entry below it.
Please note that the rootdn (uid=admin,ou=system) is not under the suffix (o=mycompany); that is why no rootPW is defined for this DIT. The rootDN and rootPW are defined in the second DIT (in BDB).
The weird thing was that I could search and find it:

ldapsearch -x -D uid=admin,ou=system -w XXXXXXXXX -H ldap://localhost:389 -b o=mycompany
# extended LDIF
#
# LDAPv3
# base <o=cornerbank> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# mycompany
dn: o=mycompany
o: mycompany
objectClass: organization
objectClass: top

# search result
search: 2
result: 0 Success

But it would fail if I tried to delete it:

$ ldapdelete -x -D uid=admin,ou=system -w XXXXXXXXX -H ldap://localhost:389 o=mycompany
ldap_delete: No such object (32)
32

In other words, I could import the whole DIT for o=mycompany, but could not delete the whole DIT (the root entry o=mycompany could not be deleted). Does somebody know how to solve this problem? Thanks!
Regards