Bug 1062763
| Summary: | single valued attribute replicated ADD does not work | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Rich Megginson <rmeggins> | |
| Component: | 389-ds-base | Assignee: | Rich Megginson <rmeggins> | |
| Status: | CLOSED ERRATA | QA Contact: | Sankar Ramalingam <sramling> | |
| Severity: | unspecified | Docs Contact: | ||
| Priority: | unspecified | |||
| Version: | 6.5 | CC: | amsharma, ctrianta, gparente, jgalipea, lkrispen, nhosoi, nkinder, rmeggins | |
| Target Milestone: | rc | |||
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | 389-ds-base-1.2.11.15-39.el6 | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1063990 1108909 (view as bug list) | Environment: | ||
| Last Closed: | 2014-10-14 07:53:01 UTC | Type: | --- | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1063990, 1108909 | |||
|
Description
Rich Megginson
2014-02-07 22:59:57 UTC
Hot fix is now available: http://download.devel.redhat.com/brewroot/packages/389-ds-base/1.2.11.15/31.3.7p.el6_5/ no, you need to import a manipulated ldif file on both masters, setup replication and do some modifications aón a single valued attribute eg employeenumber get a basic ldif file by db2ldif -r edit one entry to have svattr;adcsn-XXXX;vdcsn-XXXX;deletedattribute;deleted: NOTE: svattr is just the placeholder forthe type of the single valued attr, eg employeenumber XXXX is just a placeholder for a valid CSN, you will find some in your export ldif file Don't use ldapadd. You'll have to have an LDIF file created by using db2ldif -r. Then add an entry with the deleted attribute, then use ldif2db to load it. 0. MMR setup
[root@dhcp201-155 ~]# ps -aef | grep slapd
svrbld 1508 1 0 Jul07 ? 00:00:23 ./ns-slapd -D /etc/dirsrv/slapd-dhcp201-155 -i /var/run/dirsrv/slapd-dhcp201-155.pid -w /var/run/dirsrv/slapd-dhcp201-155.startpid
svrbld 5542 1 0 Jul07 ? 00:00:25 ./ns-slapd -D /etc/dirsrv/slapd-M1 -i /var/run/dirsrv/slapd-M1.pid -w /var/run/dirsrv/slapd-M1.startpid
svrbld 6023 1 0 Jul07 ? 00:00:25 ./ns-slapd -D /etc/dirsrv/slapd-M2 -i /var/run/dirsrv/slapd-M2.pid -w /var/run/dirsrv/slapd-M2.startpid
svrbld 6506 1 0 Jul07 ? 00:00:24 ./ns-slapd -D /etc/dirsrv/slapd-M3 -i /var/run/dirsrv/slapd-M3.pid -w /var/run/dirsrv/slapd-M3.startpid
svrbld 6987 1 0 Jul07 ? 00:00:28 ./ns-slapd -D /etc/dirsrv/slapd-M4 -i /var/run/dirsrv/slapd-M4.pid -w /var/run/dirsrv/slapd-M4.startpid
root 21464 21405 0 02:26 pts/0 00:00:00 grep slapd
[root@dhcp201-155 ~]# netstat -nlp | grep slapd
tcp 0 0 :::35920 :::* LISTEN 1508/./ns-slapd
tcp 0 0 :::30100 :::* LISTEN 5542/./ns-slapd
tcp 0 0 :::30101 :::* LISTEN 5542/./ns-slapd
tcp 0 0 :::30102 :::* LISTEN 6023/./ns-slapd
tcp 0 0 :::30103 :::* LISTEN 6023/./ns-slapd
tcp 0 0 :::30104 :::* LISTEN 6506/./ns-slapd
tcp 0 0 :::30105 :::* LISTEN 6506/./ns-slapd
tcp 0 0 :::30106 :::* LISTEN 6987/./ns-slapd
tcp 0 0 :::30107 :::* LISTEN 6987/./ns-slapd
1. ldapadd having employeenumber(svattr)
ldapadd -x -h localhost -p 30100 -D "cn=Directory Manager" -w Secret123 << EOF
dn: uid=sghai,ou=people,dc=example,dc=com
cn: sghai
sn: sgahi
givenname: sghai
employeeNumber: 117
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
uid: sghai
mail: sghai
userpassword: Secret123
EOF
2. do some modifications and then db2ldif -r
ldapmodify -a -h localhost -p 30100 -D "cn=directory manager" -w Secret123 << EOF
dn: uid=sghai,ou=people,dc=example,dc=com
changetype: modify
replace: employeeNumber
employeeNumber: 117117
EOF
[root@dhcp201-155 ~]# service dirsrv stop
Shutting down dirsrv:
dhcp201-155... [ OK ]
M1... [ OK ]
M2... [ OK ]
M3... [ OK ]
M4... [ OK ]
[root@dhcp201-155 ~]# /usr/lib64/dirsrv/slapd-M1/db2ldif -r -s "dc=example,dc=com"
Exported ldif file: /var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_07_08_024107.ldif
[08/Jul/2014:02:41:07 -0400] - Backend Instance(s):
[08/Jul/2014:02:41:07 -0400] - userRoot
ldiffile: /var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_07_08_024107.ldif
[08/Jul/2014:02:41:08 -0400] - export userRoot: Processed 163 entries (100%).
[08/Jul/2014:02:41:08 -0400] - Waiting for 4 database threads to stop
[08/Jul/2014:02:41:08 -0400] - All database threads now stopped
3. edit ldif to have svattr;adcsn-XXXX;vdcsn-XXXX;deletedattribute;deleted:
# entry-id: 163
dn: uid=amita,ou=People,dc=example,dc=com
modifyTimestamp;adcsn-53bb9121000000010000;vucsn-53bb9121000000010000: 2014070
8063511Z
modifiersName;adcsn-53bb9121000000010000;vucsn-53bb9121000000010000: cn=direct
ory manager
REPLACED
========
employeeNumber;adcsn-53bb9121000000010000;vucsn-53bb9121000000010000: 117117
WITH
======
employeeNumber;adcsn-53bb982f000000010000;deletedattribute;deleted:
cn;vucsn-53bb905e000000010000: amita
sn;vucsn-53bb905e000000010000: amita
givenName;vucsn-53bb905e000000010000: amita
objectClass;vucsn-53bb905e000000010000: top
objectClass;vucsn-53bb905e000000010000: person
objectClass;vucsn-53bb905e000000010000: organizationalPerson
objectClass;vucsn-53bb905e000000010000: inetOrgPerson
uid;vucsn-53bb905e000000010000;mdcsn-53bb905e000000010000: amita
mail;vucsn-53bb905e000000010000: amita
userPassword;vucsn-53bb905e000000010000: {SSHA}WIy6RNZHrw0oXRHWFzuznotRhGFZt+J
QGFVkFQ==
creatorsName;vucsn-53bb905e000000010000: cn=directory manager
createTimestamp;vucsn-53bb905e000000010000: 20140708063156Z
nsUniqueId: 87584801-066911e4-99b5e021-e73f64cf
4. then import using ldif2db
[root@dhcp201-155 ~]# /usr/lib64/dirsrv/slapd-M1/ldif2db -s "dc=example,dc=com" -i "/var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_07_08_024107.ldif"
importing data ...
[08/Jul/2014:02:46:35 -0400] - Backend Instance: userRoot
[08/Jul/2014:02:46:36 -0400] - WARNING: Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database
[08/Jul/2014:02:46:36 -0400] - check_and_set_import_cache: pagesize: 4096, pages: 255092, procpages: 52144
[08/Jul/2014:02:46:36 -0400] - WARNING: After allocating import cache 408144KB, the available memory is 612224KB, which is less than the soft limit 1048576KB. You may want to decrease the import cache size and rerun import.
[08/Jul/2014:02:46:36 -0400] - Import allocates 408144KB import cache.
[08/Jul/2014:02:46:36 -0400] - import userRoot: Beginning import job...
[08/Jul/2014:02:46:36 -0400] - import userRoot: Index buffering enabled with bucket size 100
[08/Jul/2014:02:46:36 -0400] - import userRoot: Processing file "/var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_07_08_024107.ldif"
[08/Jul/2014:02:46:36 -0400] - import userRoot: Finished scanning file "/var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_07_08_024107.ldif" (163 entries)
[08/Jul/2014:02:46:37 -0400] - import userRoot: Workers finished; cleaning up...
[08/Jul/2014:02:46:37 -0400] - import userRoot: Workers cleaned up.
[08/Jul/2014:02:46:37 -0400] - import userRoot: Cleaning up producer thread...
[08/Jul/2014:02:46:37 -0400] - import userRoot: Indexing complete. Post-processing...
[08/Jul/2014:02:46:37 -0400] - import userRoot: Generating numSubordinates complete.
[08/Jul/2014:02:46:37 -0400] - import userRoot: Flushing caches...
[08/Jul/2014:02:46:37 -0400] - import userRoot: Closing files...
[08/Jul/2014:02:46:37 -0400] - All database threads now stopped
[08/Jul/2014:02:46:37 -0400] - import userRoot: Import complete. Processed 163 entries in 1 seconds. (163.00 entries/sec)
5. [root@dhcp201-155 ~]# service dirsrv start
Starting dirsrv:
dhcp201-155... [ OK ]
M1... [ OK ]
M2... [ OK ]
M3... [ OK ]
M4... [ OK ]
6. ldapsearch M1
# sghai, People, example.com
dn: uid=sghai,ou=People,dc=example,dc=com
cn: sghai
sn: sgahi
givenName: sghai
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: sghai
mail: sghai
userPassword:: e1NTSEF9Zlk4MTVkNk56OE91dUMrdjgxMlVZcXVOaHdUTG1yMUpSZldDb3c9PQ=
=
# search result
search: 2
result: 0 Success
7. ldapsearch M2
# sghai, People, example.com
dn: uid=sghai,ou=People,dc=example,dc=com
employeeNumber: 117117
cn: sghai
sn: sgahi
givenName: sghai
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: sghai
mail: sghai
userPassword:: e1NTSEF9Zlk4MTVkNk56OE91dUMrdjgxMlVZcXVOaHdUTG1yMUpSZldDb3c9PQ=
8. ldapmodify -a -h localhost -p 30100 -D "cn=directory manager" -w Secret123 << EOF
dn: uid=sghai,ou=people,dc=example,dc=com
changetype: modify
add: employeeNumber
employeeNumber: 117117
EOF
Search on both masters M1 and M2 returns accurate results
============================================================
# sghai, People, example.com
dn: uid=sghai,ou=People,dc=example,dc=com
employeeNumber: 117117
cn: sghai
sn: sgahi
givenName: sghai
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: sghai
mail: sghai
userPassword:: e1NTSEF9Zlk4MTVkNk56OE91dUMrdjgxMlVZcXVOaHdUTG1yMUpSZldDb3c9PQ
# sghai, People, example.com
dn: uid=sghai,ou=People,dc=example,dc=com
employeeNumber: 117117
cn: sghai
sn: sgahi
givenName: sghai
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: sghai
mail: sghai
userPassword:: e1NTSEF9Zlk4MTVkNk56OE91dUMrdjgxMlVZcXVOaHdUTG1yMUpSZldDb3c9PQ=
HENCE VERIFIED.
you need to reimport the manipulated ldif on BOTH masters before adding a new value and you should also keep the vdcsn. Your replace should look like: REPLACED ======== employeeNumber;adcsn-53bb9121000000010000;vucsn-53bb9121000000010000: 117117 WITH ====== employeeNumber;adcsn-53bb9121000000010000;vucsn-53bb9121000000010000;deletedattribute;deleted: Hey Ludwig,
Thanks for your comment, It does not work with this method.
I want to understand one thing here.
Why we need to reimport manipulated ldif on BOTH masters when they are in sync via replication?
[root@dhcp201-155 export]# rpm -qa | grep 389
389-ds-base-1.2.11.15-38.el6.x86_64
389-ds-base-debuginfo-1.2.11.15-36.el6.x86_64
389-adminutil-1.1.17-1.el6.x86_64
389-ds-base-libs-1.2.11.15-38.el6.x86_64
Here I follow you::
After modifying ::
===============
# entry-id: 162
dn: uid=sghai,ou=People,dc=example,dc=com
modifyTimestamp;adcsn-53bbc254000000010000;vucsn-53bbc254000000010000: 2014070
8100507Z
modifiersName;adcsn-53bbc254000000010000;vucsn-53bbc254000000010000: cn=direct
ory manager
employeeNumber;adcsn-53bbc254000000010000;vucsn-53bbc254000000010000;deletedattribute;deleted:
cn;vucsn-53bbc24b000000010000: sghai
sn;vucsn-53bbc24b000000010000: sgahi
givenName;vucsn-53bbc24b000000010000: sghai
objectClass;vucsn-53bbc24b000000010000: top
objectClass;vucsn-53bbc24b000000010000: person
objectClass;vucsn-53bbc24b000000010000: organizationalPerson
objectClass;vucsn-53bbc24b000000010000: inetOrgPerson
uid;vucsn-53bbc24b000000010000;mdcsn-53bbc24b000000010000: sghai
mail;vucsn-53bbc24b000000010000: sghai
userPassword;vucsn-53bbc24b000000010000: {SSHA}+N+PJugarEASBZxedcvlCT85Kt+ootr
WIxRREQ==
creatorsName;vucsn-53bbc24b000000010000: cn=directory manager
createTimestamp;vucsn-53bbc24b000000010000: 20140708100459Z
nsUniqueId: 3b1c0081-068711e4-b947a0de-71e47b6f
reimported to both masters::
=============================
[root@dhcp201-155 export]# /usr/lib64/dirsrv/slapd-M1/ldif2db -s "dc=example,dc=com" -i "/var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_07_08_060527.ldif"
importing data ...
[08/Jul/2014:06:07:32 -0400] - Backend Instance: userRoot
[08/Jul/2014:06:07:32 -0400] - WARNING: Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database
[08/Jul/2014:06:07:32 -0400] - check_and_set_import_cache: pagesize: 4096, pages: 255092, procpages: 52145
[08/Jul/2014:06:07:32 -0400] - WARNING: After allocating import cache 408144KB, the available memory is 612224KB, which is less than the soft limit 1048576KB. You may want to decrease the import cache size and rerun import.
[08/Jul/2014:06:07:32 -0400] - Import allocates 408144KB import cache.
[08/Jul/2014:06:07:32 -0400] - import userRoot: Beginning import job...
[08/Jul/2014:06:07:32 -0400] - import userRoot: Index buffering enabled with bucket size 100
[08/Jul/2014:06:07:32 -0400] - import userRoot: Processing file "/var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_07_08_060527.ldif"
[08/Jul/2014:06:07:32 -0400] - import userRoot: Finished scanning file "/var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_07_08_060527.ldif" (162 entries)
[08/Jul/2014:06:07:33 -0400] - import userRoot: Workers finished; cleaning up...
[08/Jul/2014:06:07:33 -0400] - import userRoot: Workers cleaned up.
[08/Jul/2014:06:07:33 -0400] - import userRoot: Cleaning up producer thread...
[08/Jul/2014:06:07:33 -0400] - import userRoot: Indexing complete. Post-processing...
[08/Jul/2014:06:07:34 -0400] - import userRoot: Generating numSubordinates complete.
[08/Jul/2014:06:07:34 -0400] - import userRoot: Flushing caches...
[08/Jul/2014:06:07:34 -0400] - import userRoot: Closing files...
[08/Jul/2014:06:07:34 -0400] - All database threads now stopped
[08/Jul/2014:06:07:34 -0400] - import userRoot: Import complete. Processed 162 entries in 2 seconds. (81.00 entries/sec)
[root@dhcp201-155 export]# /usr/lib64/dirsrv/slapd-M2/ldif2db -s "dc=example,dc=com" -i "/var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_07_08_060527.ldif"
importing data ...
[08/Jul/2014:06:07:53 -0400] - Backend Instance: userRoot
[08/Jul/2014:06:07:53 -0400] - WARNING: Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database
[08/Jul/2014:06:07:53 -0400] - check_and_set_import_cache: pagesize: 4096, pages: 255092, procpages: 52143
[08/Jul/2014:06:07:53 -0400] - WARNING: After allocating import cache 408144KB, the available memory is 612224KB, which is less than the soft limit 1048576KB. You may want to decrease the import cache size and rerun import.
[08/Jul/2014:06:07:53 -0400] - Import allocates 408144KB import cache.
[08/Jul/2014:06:07:53 -0400] - import userRoot: Beginning import job...
[08/Jul/2014:06:07:53 -0400] - import userRoot: Index buffering enabled with bucket size 100
[08/Jul/2014:06:07:53 -0400] - import userRoot: Processing file "/var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_07_08_060527.ldif"
[08/Jul/2014:06:07:53 -0400] - import userRoot: Finished scanning file "/var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_07_08_060527.ldif" (162 entries)
[08/Jul/2014:06:07:54 -0400] - import userRoot: Workers finished; cleaning up...
[08/Jul/2014:06:07:54 -0400] - import userRoot: Workers cleaned up.
[08/Jul/2014:06:07:54 -0400] - import userRoot: Cleaning up producer thread...
[08/Jul/2014:06:07:54 -0400] - import userRoot: Indexing complete. Post-processing...
[08/Jul/2014:06:07:54 -0400] - import userRoot: Generating numSubordinates complete.
[08/Jul/2014:06:07:54 -0400] - import userRoot: Flushing caches...
[08/Jul/2014:06:07:54 -0400] - import userRoot: Closing files...
[08/Jul/2014:06:07:55 -0400] - All database threads now stopped
[08/Jul/2014:06:07:55 -0400] - import userRoot: Import complete. Processed 162 entries in 2 seconds. (81.00 entries/sec)
[root@dhcp201-155 export]# service dirsrv start
Starting dirsrv:
dhcp201-155... [ OK ]
M1... [ OK ]
M2... [ OK ]
M3... [ OK ]
M4... [ OK ]
search on M1
================
# sghai, People, example.com
dn: uid=sghai,ou=People,dc=example,dc=com
cn: sghai
sn: sgahi
givenName: sghai
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: sghai
mail: sghai
userPassword:: e1NTSEF9K04rUEp1Z2FyRUFTQlp4ZWRjdmxDVDg1S3Qrb290cldJeFJSRVE9PQ=
=
search on M2
================
# sghai, People, example.com
dn: uid=sghai,ou=People,dc=example,dc=com
cn: sghai
sn: sgahi
givenName: sghai
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: sghai
mail: sghai
userPassword:: e1NTSEF9K04rUEp1Z2FyRUFTQlp4ZWRjdmxDVDg1S3Qrb290cldJeFJSRVE9PQ=
[root@dhcp201-155 export]# ldapmodify -a -h localhost -p 30100 -D "cn=directory manager" -w Secret123 << EOF
> dn: uid=sghai,ou=people,dc=example,dc=com
> changetype: modify
> add: employeeNumber
> employeeNumber: 117117
> EOF
modifying entry "uid=sghai,ou=people,dc=example,dc=com"
search on M1
================
# sghai, People, example.com
dn: uid=sghai,ou=People,dc=example,dc=com
employeeNumber: 117117
cn: sghai
sn: sgahi
givenName: sghai
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: sghai
mail: sghai
userPassword:: e1NTSEF9K04rUEp1Z2FyRUFTQlp4ZWRjdmxDVDg1S3Qrb290cldJeFJSRVE9PQ=
=
search on M2
===============
# sghai, People, example.com
dn: uid=sghai,ou=People,dc=example,dc=com
employeeNumber:
cn: sghai
sn: sgahi
givenName: sghai
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: sghai
mail: sghai
userPassword:: e1NTSEF9K04rUEp1Z2FyRUFTQlp4ZWRjdmxDVDg1S3Qrb290cldJeFJSRVE9PQ=
=
Please let me know in case you need more info.
I am moving bug to on qa.
if you manipulate an ldif and import it on only one server they no longer have the same data. So you need to import it on all servers. The method of manipulating the ldif is necessary as this use case cannot be triggered in RHDS alone. It shows up if an ldif was imported from another Directory server like SunDS Your steps look good now, we need to check the fix again. Which version of DS were you testing ? its is mentioned in https://bugzilla.redhat.com/show_bug.cgi?id=1062763#c10 [root@dhcp201-155 export]# rpm -qa | grep 389 389-ds-base-1.2.11.15-38.el6.x86_64 389-ds-base-libs-1.2.11.15-38.el6.x86_64 https://errata.devel.redhat.com/advisory/18069/builds Moving back to dev. Thanks Ludwig (In reply to Ludwig from comment #9) > you need to reimport the manipulated ldif on BOTH masters before adding a > new value and you should also keep the vdcsn. Your replace should look like: > > REPLACED > ======== > employeeNumber;adcsn-53bb9121000000010000;vucsn-53bb9121000000010000: 117117 > WITH > ====== > employeeNumber;adcsn-53bb9121000000010000;vucsn-53bb9121000000010000; > deletedattribute;deleted: you need to use vdcsn, not vucsn, above. See the original comment: https://bugzilla.redhat.com/show_bug.cgi?id=1062763#c0 Hi Rich,
After importing with this ldif to both masters, M1 and M2::
# entry-id: 162
dn: uid=sghai,ou=People,dc=example,dc=com
modifyTimestamp;adcsn-53bd3639000400010000;vucsn-53bd3639000400010000: 2014070
9123152Z
modifiersName;adcsn-53bd3639000400010000;vucsn-53bd3639000400010000: cn=direct
ory manager
employeeNumber;adcsn-53bd3639000400010000;vdcsn-53bd3639000400010000: 117117
cn;vucsn-53bd3634000000010000: sghai
sn;vucsn-53bd3634000000010000: sgahi
givenName;vucsn-53bd3634000000010000: sghai
objectClass;vucsn-53bd3634000000010000: top
objectClass;vucsn-53bd3634000000010000: person
objectClass;vucsn-53bd3634000000010000: organizationalPerson
objectClass;vucsn-53bd3634000000010000: inetOrgPerson
uid;vucsn-53bd3634000000010000;mdcsn-53bd3634000000010000: sghai
mail;vucsn-53bd3634000000010000: sghai
userPassword;vucsn-53bd3634000000010000: {SSHA}YUnRpJelKBVsVWKUFonSs1rlGwiUVrA
8rXkj/w==
creatorsName;vucsn-53bd3634000000010000: cn=directory manager
createTimestamp;vucsn-53bd3634000000010000: 20140709123148Z
nsUniqueId: eea6f281-076411e4-af01bf62-fa96966c
They give me search results as::
# sghai, People, example.com
dn: uid=sghai,ou=People,dc=example,dc=com
employeeNumber: 117117
cn: sghai
sn: sgahi
givenName: sghai
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: sghai
mail: sghai
userPassword:: e1NTSEF9WVVuUnBKZWxLQlZzVldLVUZvblNzMXJsR3dpVVZyQThyWGtqL3c9PQ=
So the employeeNumber: does not get deleted. No add operation required?
Is it what is expected?
your import file should contain a record like this, as Rich said: employeeNumber;adcsn-53bb9121000000010000;vdcsn-53bb9121000000010000; deletedattribute;deleted: vDcsn and deletedattribute;deleted: Not working for me::
Ldif..
# entry-id: 162
dn: uid=sghai,ou=People,dc=example,dc=com
modifyTimestamp;adcsn-53bd3639000400010000;vucsn-53bd3639000400010000: 2014070
9123152Z
modifiersName;adcsn-53bd3639000400010000;vucsn-53bd3639000400010000: cn=direct
ory manager
employeeNumber;adcsn-53bd3639000400010000;vdcsn-53bd3639000400010000;deletedattribute;deleted:
cn;vucsn-53bd3634000000010000: sghai
sn;vucsn-53bd3634000000010000: sgahi
givenName;vucsn-53bd3634000000010000: sghai
objectClass;vucsn-53bd3634000000010000: top
objectClass;vucsn-53bd3634000000010000: person
objectClass;vucsn-53bd3634000000010000: organizationalPerson
objectClass;vucsn-53bd3634000000010000: inetOrgPerson
uid;vucsn-53bd3634000000010000;mdcsn-53bd3634000000010000: sghai
mail;vucsn-53bd3634000000010000: sghai
userPassword;vucsn-53bd3634000000010000: {SSHA}YUnRpJelKBVsVWKUFonSs1rlGwiUVrA
8rXkj/w==
creatorsName;vucsn-53bd3634000000010000: cn=directory manager
createTimestamp;vucsn-53bd3634000000010000: 20140709123148Z
nsUniqueId: eea6f281-076411e4-af01bf62-fa96966c
[root@dhcp201-155 ~]# ldapmodify -a -h localhost -p 30100 -D "cn=directory manager" -w Secret123 << EOF
dn: uid=sghai,ou=people,dc=example,dc=com
changetype: modify
add: employeeNumber
employeeNumber: 117117
EOF
ldapsearch -x -h localhost -p 30100 -D "cn=Directory Manager" -w Secret123 -b "ou=people,dc=example,dc=com"
# sghai, People, example.com
dn: uid=sghai,ou=People,dc=example,dc=com
employeeNumber: 117117
cn: sghai
sn: sgahi
givenName: sghai
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: sghai
mail: sghai
userPassword:: e1NTSEF9WVVuUnBKZWxLQlZzVldLVUZvblNzMXJsR3dpVVZyQThyWGtqL3c9PQ=
ldapsearch -x -h localhost -p 30102 -D "cn=Directory Manager" -w Secret123 -b "ou=people,dc=example,dc=com"
# sghai, People, example.com
dn: uid=sghai,ou=People,dc=example,dc=com
cn: sghai
sn: sgahi
givenName: sghai
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: sghai
mail: sghai
userPassword:: e1NTSEF9WVVuUnBKZWxLQlZzVldLVUZvblNzMXJsR3dpVVZyQThyWGtqL3c9PQ=
Yes, looks like you have reproduced the problem. You are using 389-ds-base-1.2.11.15-34.el6? No, I as I mentioned before https://bugzilla.redhat.com/show_bug.cgi?id=1062763#c14 :: [root@dhcp201-155 export]# rpm -qa | grep 389 389-ds-base-1.2.11.15-38.el6.x86_64 389-ds-base-libs-1.2.11.15-38.el6.x86_64 It looks like issue is not fixed, I am moving it back to Assigned. Also, I would like to know is it worth opening separate bug for the case :: > 3. And also Is it acceptable/expected to get an empty empno. on second > master when it is coming properly on M1 with the value, even with the vucsn? fixed upstream [root@dhcp201-155 ~]# rpm -qa | grep 389 389-ds-base-libs-1.2.11.15-39.el6.x86_64 389-admin-debuginfo-1.1.34-1.el6.x86_64 389-ds-base-debuginfo-1.2.11.15-36.el6.x86_64 389-adminutil-1.1.17-1.el6.x86_64 389-adminutil-debuginfo-1.1.17-1.el6.x86_64 389-console-1.1.7-1.el6.noarch 389-ds-base-1.2.11.15-39.el6.x86_64 [root@dhcp201-155 ~]# ps -aef | grep dirsrv svrbld 967 1 0 07:54 ? 00:00:00 ./ns-slapd -D /etc/dirsrv/slapd-M1 -i /var/run/dirsrv/slapd-M1.pid -w /var/run/dirsrv/slapd-M1.startpid svrbld 1377 1 0 07:55 ? 00:00:01 ./ns-slapd -D /etc/dirsrv/slapd-M2 -i /var/run/dirsrv/slapd-M2.pid -w /var/run/dirsrv/slapd-M2.startpid svrbld 1792 1 0 07:56 ? 00:00:01 ./ns-slapd -D /etc/dirsrv/slapd-M3 -i /var/run/dirsrv/slapd-M3.pid -w /var/run/dirsrv/slapd-M3.startpid svrbld 2201 1 0 07:57 ? 00:00:00 ./ns-slapd -D /etc/dirsrv/slapd-M4 -i /var/run/dirsrv/slapd-M4.pid -w /var/run/dirsrv/slapd-M4.startpid root 3124 25056 0 08:10 pts/0 00:00:00 grep dirsrv svrbld 30603 1 0 07:50 ? 00:00:00 ./ns-slapd -D /etc/dirsrv/slapd-dhcp201-155 -i /var/run/dirsrv/slapd-dhcp201-155.pid -w /var/run/dirsrv/slapd-dhcp201-155.startpid [root@dhcp201-155 ~]# ldapadd -x -h localhost -p 30100 -D "cn=Directory Manager" -w Secret123 << EOF > dn: uid=sghai,ou=people,dc=example,dc=com > cn: sghai > sn: sgahi > givenname: sghai > employeeNumber: 117 > objectclass: top > objectclass: person > objectclass: organizationalPerson > objectclass: inetOrgPerson > uid: sghai > mail: sghai > userpassword: Secret123 > EOF adding new entry "uid=sghai,ou=people,dc=example,dc=com" [root@dhcp201-155 ~]# ldapmodify -a -h localhost -p 30100 -D "cn=directory manager" -w Secret123 << EOF > dn: uid=sghai,ou=people,dc=example,dc=com > changetype: modify > replace: employeeNumber > employeeNumber: 117117 > EOF modifying entry "uid=sghai,ou=people,dc=example,dc=com" [root@dhcp201-155 ~]# service dirsrv stop Shutting down dirsrv: dhcp201-155... [ OK ] M1... [ OK ] M2... [ OK ] M3... [ OK ] M4... [ OK ] [root@dhcp201-155 ~]# /usr/lib64/dirsrv/slapd-M1/db2ldif -r -s "dc=example,dc=com" Exported ldif file: /var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_08_13_081122.ldif [13/Aug/2014:08:11:22 -0400] - Backend Instance(s): [13/Aug/2014:08:11:22 -0400] - userRoot ldiffile: /var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_08_13_081122.ldif [13/Aug/2014:08:11:22 -0400] - export userRoot: Processed 162 entries (100%). [13/Aug/2014:08:11:22 -0400] - Waiting for 4 database threads to stop [13/Aug/2014:08:11:23 -0400] - All database threads now stopped [root@dhcp201-155 ~]# vim /var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_08_13_081122.ldif [root@dhcp201-155 ~]# /usr/lib64/dirsrv/slapd-M1/ldif2db -s "dc=example,dc=com" -i "/var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_08_13_081122.ldif" importing data ... [13/Aug/2014:08:15:22 -0400] - Backend Instance: userRoot [13/Aug/2014:08:15:22 -0400] - WARNING: Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database [13/Aug/2014:08:15:22 -0400] - check_and_set_import_cache: pagesize: 4096, pages: 255090, procpages: 51631 [13/Aug/2014:08:15:22 -0400] - WARNING: After allocating import cache 408144KB, the available memory is 612216KB, which is less than the soft limit 1048576KB. You may want to decrease the import cache size and rerun import. [13/Aug/2014:08:15:22 -0400] - Import allocates 408144KB import cache. [13/Aug/2014:08:15:22 -0400] - import userRoot: Beginning import job... [13/Aug/2014:08:15:22 -0400] - import userRoot: Index buffering enabled with bucket size 100 [13/Aug/2014:08:15:22 -0400] - import userRoot: Processing file "/var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_08_13_081122.ldif" [13/Aug/2014:08:15:22 -0400] - import userRoot: Finished scanning file "/var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_08_13_081122.ldif" (162 entries) [13/Aug/2014:08:15:23 -0400] - import userRoot: Workers finished; cleaning up... [13/Aug/2014:08:15:23 -0400] - import userRoot: Workers cleaned up. [13/Aug/2014:08:15:23 -0400] - import userRoot: Cleaning up producer thread... [13/Aug/2014:08:15:23 -0400] - import userRoot: Indexing complete. Post-processing... [13/Aug/2014:08:15:23 -0400] - import userRoot: Generating numSubordinates complete. [13/Aug/2014:08:15:23 -0400] - import userRoot: Flushing caches... [13/Aug/2014:08:15:23 -0400] - import userRoot: Closing files... [13/Aug/2014:08:15:23 -0400] - All database threads now stopped [13/Aug/2014:08:15:23 -0400] - import userRoot: Import complete. Processed 162 entries in 1 seconds. (162.00 entries/sec) [root@dhcp201-155 ~]# /usr/lib64/dirsrv/slapd-M2/ldif2db -s "dc=example,dc=com" -i "/var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_08_13_081122.ldif" importing data ... [13/Aug/2014:08:15:35 -0400] - Backend Instance: userRoot [13/Aug/2014:08:15:35 -0400] - WARNING: Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database [13/Aug/2014:08:15:35 -0400] - check_and_set_import_cache: pagesize: 4096, pages: 255090, procpages: 51630 [13/Aug/2014:08:15:35 -0400] - WARNING: After allocating import cache 408144KB, the available memory is 612216KB, which is less than the soft limit 1048576KB. You may want to decrease the import cache size and rerun import. [13/Aug/2014:08:15:35 -0400] - Import allocates 408144KB import cache. [13/Aug/2014:08:15:36 -0400] - import userRoot: Beginning import job... [13/Aug/2014:08:15:36 -0400] - import userRoot: Index buffering enabled with bucket size 100 [13/Aug/2014:08:15:36 -0400] - import userRoot: Processing file "/var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_08_13_081122.ldif" [13/Aug/2014:08:15:36 -0400] - import userRoot: Finished scanning file "/var/lib/dirsrv/slapd-M1/ldif/M1-example-2014_08_13_081122.ldif" (162 entries) [13/Aug/2014:08:15:36 -0400] - import userRoot: Workers finished; cleaning up... [13/Aug/2014:08:15:37 -0400] - import userRoot: Workers cleaned up. [13/Aug/2014:08:15:37 -0400] - import userRoot: Cleaning up producer thread... [13/Aug/2014:08:15:37 -0400] - import userRoot: Indexing complete. Post-processing... [13/Aug/2014:08:15:37 -0400] - import userRoot: Generating numSubordinates complete. [13/Aug/2014:08:15:37 -0400] - import userRoot: Flushing caches... [13/Aug/2014:08:15:37 -0400] - import userRoot: Closing files... [13/Aug/2014:08:15:37 -0400] - All database threads now stopped [13/Aug/2014:08:15:37 -0400] - import userRoot: Import complete. Processed 162 entries in 1 seconds. (162.00 entries/sec) [root@dhcp201-155 ~]# service dirsrv start Starting dirsrv: dhcp201-155... [ OK ] M1... [ OK ] M2... [ OK ] M3... [ OK ] M4... [ OK ] [root@dhcp201-155 ~]# Search on M1:: =============== # sghai, People, example.com dn: uid=sghai,ou=People,dc=example,dc=com cn: sghai sn: sgahi givenName: sghai objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson uid: sghai mail: sghai userPassword:: e1NTSEF9ZXVLWGV5Z3E1YWVUWlZhSWFwM3ZpaFlqNndteWkxT2Jjdnp1SUE9PQ= Search on M2:: =============== # sghai, People, example.com dn: uid=sghai,ou=People,dc=example,dc=com cn: sghai sn: sgahi givenName: sghai objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson uid: sghai mail: sghai userPassword:: e1NTSEF9ZXVLWGV5Z3E1YWVUWlZhSWFwM3ZpaFlqNndteWkxT2Jjdnp1SUE9PQ= ldapmodify -a -h localhost -p 30100 -D "cn=directory manager" -w Secret123 << EOF dn: uid=sghai,ou=people,dc=example,dc=com changetype: modify add: employeeNumber employeeNumber: 117117 EOF M1 == # sghai, People, example.com dn: uid=sghai,ou=People,dc=example,dc=com employeeNumber: 117117 cn: sghai sn: sgahi givenName: sghai objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson uid: sghai mail: sghai userPassword:: e1NTSEF9ZXVLWGV5Z3E1YWVUWlZhSWFwM3ZpaFlqNndteWkxT2Jjdnp1SUE9PQ= M2 == # sghai, People, example.com dn: uid=sghai,ou=People,dc=example,dc=com employeeNumber: 117117 cn: sghai sn: sgahi givenName: sghai objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson uid: sghai mail: sghai userPassword:: e1NTSEF9ZXVLWGV5Z3E1YWVUWlZhSWFwM3ZpaFlqNndteWkxT2Jjdnp1SUE9PQ= Hence VERIFIED. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-1385.html |