Thanks for the replies.

Here's some log output showing the content of one of the failed entries:

2017-07-13 12:00:15,864 SEVERE [com.example.ldap.LdapUtils] (113,pool-6-thread-20) Failed to add following properties to uniqueIdentifier=a18d33ebf8ecda02336b1e10d850ba56:-
businessCategory: PYCJ7ERc...
objectClass: certificateData
objectClass: top
uniqueIdentifier: a18d33ebf8ecda...
cACertificate;binary: 308204423082032AA00302010202010...
cACertificate;binary: 3082039C30820284A00302010202010...
createDate: 20170713120015+0100
encryptedObject: 00085341414B5...

Looks like the repeated cACertificate attributes do actually have different values.

On 12 July 2017 at 21:09, Quanah Gibson-Mount <quanah@symas.com> wrote:

--On Monday, July 10, 2017 11:11 PM +0100 Brad <braduk1973@gmail.com> wrote:

The error seems pretty straight forward:

Caused by: javax.naming.directory.AttributeInUseException: [LDAP: error
code 20 - cACertificate;binary: value #0 provided more than once];

I.e., you've provided the exact same value more than once in your write op. For example, you'd see a similar failure with:

dn: <blah>
changetype:modify
add: sn
sn: smith
sn: smith

--Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>