hi-
i'm running slapcat from a daily cron job to back up cn=config and other databases. i've recently updated from 2.4.21 to 2.4.23, and notice now in the output of slapcat, messages such as
slapcat -b 'cn=config' -l 'config.ldif' > /dev/null
PROXIED attributeDescription "OU" inserted. PROXIED attributeDescription "DC" inserted.
a bit of searching seems to indicate that these shouldn't be cause for concern, and are just informative messages.
since these messages are written to stderr, cron sends email every time it runs slapcat. if they're not errors, do they maybe belong in stdout rather than stderr? alternatively, can these messages be suppressed? according to the man page, there doesn't appear a way to do so.
Quite odd this emerged while upgrading from 2.4.21 to 2.4.23. In any case, that message indicates that "ou" and "dc" are not known; since those attributes are defined in core schema, and you probably want core.schema to be loaded, your configuration could be broken, so I'd fix that before suppressing error messages.
hmm - this confuses me. i believe that the ou and dc attributes are known to the system, as demonstrated below, to the best of my abilities. what can i do to reveal more clues regarding this?
# entries present in back-config filesystem
grep -A 3 -iF 'olcAttributeTypes: {49}' cn={0}core.ldif
olcAttributeTypes: {49}( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domainCompone nt' ) DESC 'RFC1274/2247: domain component' EQUALITY caseIgnoreIA5Match SUBST R caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VA LUE )
grep -A 3 -iF 'olcAttributeTypes: {8}' cn={0}core.ldif
olcAttributeTypes: {8}( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) DESC ' RFC2256: organizational unit this object belongs to' SUP name ) olcAttributeTypes: {9}( 2.5.4.12 NAME 'title' DESC 'RFC2256: title associated with the entity' SUP name )
# entries present in cn=config directory
ldapsearch -LLLxZZWH 'ldap://dsa.dipswitch.net' -D
'uid=dit_admin,ou=role_accounts,ou=accounts,dc=dipswitch,dc=net' -b 'cn={0}core,cn=schema,cn=config' -s base 'olcattributetypes' | grep -A 3 -i 'domainCompon' Enter LDAP Password: olcAttributeTypes: {49}( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domainCompone nt' ) DESC 'RFC1274/2247: domain component' EQUALITY caseIgnoreIA5Match SUBST R caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VA LUE )
ldapsearch -LLLxZZWH 'ldap://dsa.dipswitch.net' -D
'uid=dit_admin,ou=role_accounts,ou=accounts,dc=dipswitch,dc=net' -b 'cn={0}core,cn=schema,cn=config' -s base 'olcattributetypes' | grep -A 1 -i 'organizationalunit' Enter LDAP Password: olcAttributeTypes: {8}( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) DESC ' RFC2256: organizational unit this object belongs to' SUP name )
# entries present in cn=subschema
ldapsearch -LLLxH 'ldap://dsa.dipswitch.net' -s base -b
'cn=subschema' 'attributetypes' | grep -A 2 -i domainComponent attributeTypes: ( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domainComponent' ) D ESC 'RFC1274/2247: domain component' EQUALITY caseIgnoreIA5Match SUBSTR caseI gnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE- VALUE )
ldapsearch -LLLxH 'ldap://dsa.dipswitch.net' -s base -b
'cn=subschema' 'attributetypes' | grep -A 1 -i organizationalunit attributeTypes: ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) DESC 'RFC225 6: organizational unit this object belongs to' SUP name )