Hello:
I'm new to openldap and just finished installing it from the ubuntu repository , I added a set of records and now would like to add indexing on some of the record attributes .
I read extensively on how to do this , however every attempt ends in failure , I'm not grasping the procedures correctly.
I'm using Openldap 2.4 that uses the cn=config method of configuration instead of the slapd.conf file.
I created an ldif file containing :
dn: olcDatabase={1}hdb,cn=config add: olcDbIndex olcDbIndex: cdmadauserstatus eq
using : sudo ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f AddIndexs.ldif
it respons with : ldapmodify: wrong attributeType at line 3, entry "olcDatabase={1}hdb,cn=config"
Can someone please show me a example of the correct syntax and proper commands to add indexs ?
The documentation is pretty clear how to do it using the older method of the config file , but I can't seem to find any working examples of using the new dynamic way . My time is running out I'll have to dump every thing and start with a re build from source if I can't find an answer.
thank you for your assistance.
Greg
contents of olcDatabase={1},cn=config : # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. # CRC32 29ec482d dn: olcDatabase={1}hdb objectClass: olcDatabaseConfig objectClass: olcHdbConfig olcDatabase: {1}hdb olcDbDirectory: /var/lib/ldap olcSuffix: dc=acsalaska,dc=net olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymou s auth by dn="cn=admin,dc=acsalaska,dc=net" write by * none olcAccess: {1}to dn.base="" by * read olcAccess: {2}to * by self write by dn="cn=admin,dc=acsalaska,dc=net" write by * read olcLastMod: TRUE olcRootDN: cn=admin,dc=acsalaska,dc=net olcRootPW:: e1NTSEF9cHFUS2t1RWorRjYvZk5wYWZveEZVSCtCQk8xclQzc20= olcDbCheckpoint: 512 30 olcDbConfig: {0}set_cachesize 0 2097152 0 olcDbConfig: {1}set_lk_max_objects 1500 olcDbConfig: {2}set_lk_max_locks 1500 olcDbConfig: {3}set_lk_max_lockers 1500 olcDbIndex: objectClass eq olcDbIndex: uid eq,pres,sub structuralObjectClass: olcHdbConfig entryUUID: 61596770-3b76-1034-8c70-dd19f7d221e0 creatorsName: cn=config createTimestamp: 20150128201708Z entryCSN: 20150128214111.474826Z#000000#000#000000 modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth modifyTimestamp: 20150128214111Z
hello,
I guess you miss the changetype: line
dn: olcDatabase={1}hdb,cn=config changetype: modify add: olcDbIndex olcDbIndex: cdmadauserstatus eq
2015-03-04 0:25 GMT+04:00 Greg Jetter gjetter@gci.com:
Hello:
I'm new to openldap and just finished installing it from the ubuntu repository , I added a set of records and now would like to add indexing on some of the record attributes .
I read extensively on how to do this , however every attempt ends in failure , I'm not grasping the procedures correctly.
I'm using Openldap 2.4 that uses the cn=config method of configuration instead of the slapd.conf file.
I created an ldif file containing :
dn: olcDatabase={1}hdb,cn=config add: olcDbIndex olcDbIndex: cdmadauserstatus eq
using : sudo ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f AddIndexs.ldif
it respons with : ldapmodify: wrong attributeType at line 3, entry "olcDatabase={1}hdb,cn=config"
Can someone please show me a example of the correct syntax and proper commands to add indexs ?
The documentation is pretty clear how to do it using the older method of the config file , but I can't seem to find any working examples of using the new dynamic way . My time is running out I'll have to dump every thing and start with a re build from source if I can't find an answer.
thank you for your assistance.
Greg
contents of olcDatabase={1},cn=config : # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. # CRC32 29ec482d dn: olcDatabase={1}hdb objectClass: olcDatabaseConfig objectClass: olcHdbConfig olcDatabase: {1}hdb olcDbDirectory: /var/lib/ldap olcSuffix: dc=acsalaska,dc=net olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymou s auth by dn="cn=admin,dc=acsalaska,dc=net" write by * none olcAccess: {1}to dn.base="" by * read olcAccess: {2}to * by self write by dn="cn=admin,dc=acsalaska,dc=net" write by
- read
olcLastMod: TRUE olcRootDN: cn=admin,dc=acsalaska,dc=net olcRootPW:: e1NTSEF9cHFUS2t1RWorRjYvZk5wYWZveEZVSCtCQk8xclQzc20= olcDbCheckpoint: 512 30 olcDbConfig: {0}set_cachesize 0 2097152 0 olcDbConfig: {1}set_lk_max_objects 1500 olcDbConfig: {2}set_lk_max_locks 1500 olcDbConfig: {3}set_lk_max_lockers 1500 olcDbIndex: objectClass eq olcDbIndex: uid eq,pres,sub structuralObjectClass: olcHdbConfig entryUUID: 61596770-3b76-1034-8c70-dd19f7d221e0 creatorsName: cn=config createTimestamp: 20150128201708Z entryCSN: 20150128214111.474826Z#000000#000#000000 modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth modifyTimestamp: 20150128214111Z
Greg Jetter gjetter@gci.com writes:
dn: olcDatabase={1}hdb,cn=config add: olcDbIndex olcDbIndex: cdmadauserstatus eq
Are you sure the attribute name (cdmadauserstatus) is spelled correctly? Other that that, your LDIF seems sane.
Ferenc Wagner wrote:
Greg Jetter gjetter@gci.com writes:
dn: olcDatabase={1}hdb,cn=config add: olcDbIndex olcDbIndex: cdmadauserstatus eq
Are you sure the attribute name (cdmadauserstatus) is spelled correctly? Other that that, your LDIF seems sane.
No, the LDIF is incorrect. Jephte's response was correct. http://www.openldap.org/lists/openldap-technical/201503/msg00026.html
Howard Chu hyc@symas.com writes:
Ferenc Wagner wrote:
Greg Jetter gjetter@gci.com writes:
dn: olcDatabase={1}hdb,cn=config add: olcDbIndex olcDbIndex: cdmadauserstatus eq
Are you sure the attribute name (cdmadauserstatus) is spelled correctly? Other that that, your LDIF seems sane.
No, the LDIF is incorrect. Jephte's response was correct. http://www.openldap.org/lists/openldap-technical/201503/msg00026.html
With due respect, let me quote from man ldapmodify:
ldapadd is implemented as a hard link to the ldapmodify tool. When invoked as ldapadd the -a (add new entry) flag is turned on automatically. [...] -a Add new entries. The default for ldapmodify is to modify existing entries. If invoked as ldapadd, this flag is always set.
And indeed, I routinely leave out the changetype: modify line when using ldapmodify. I've even got the following index.ldif handy:
dn: olcDatabase={1}mdb,cn=config delete: olcDbIndex olcDbIndex: entryUUID,gidNumber,[...],uidNumber,uniqueMember pres,eq - add: olcDbIndex olcDbIndex: entryCSN,entryUUID,gidNumber,[...],uidNumber,uniqueMember pres,eq
corresponding to this history entry:
$ sudo ldapmodify -Y external -H ldapi:// -f index.ldif
So it worked without the changetype line. Also, the error message:
ldapmodify: wrong attributeType at line 3, entry
either talks about olcDbIndex or cdmadauserstatus, but the former is certainly valid.
Anyway: is leaving out changetype unsupported usage? Or discouraged, OpenLDAP specific?
openldap-technical@openldap.org
-
Ferenc Wagner -
Greg Jetter -
Howard Chu -
Jephte Clain