Hide Forgot
Description of problem: When the constraint overlay is enabled and the restrict parameter is configured, this can cause all modify operations to fail on the affected entries. Version-Release number of selected component (if applicable): openldap-servers-2.4.23-26 How reproducible: 100% Steps to reproduce: - install openldap-servers-2.4.23-26 or later - enable the constraint overlay - configure a constraint attribute with the restrict parameter set. Example: uid regex ^[[:alnum:]-]+$ restrict="ldap:///ou=people,dc=example,dc=com??sub?(objectClass=inetOrgPerson)" - add an entry which is included in the restriction set in the constraint, and which contains the attribute (uid in the example). Example: uid=tuser,ou=people,dc=exanoke,dc=com - try to add a different attribute. I have tested with carLicense. Adding the attribute fails. - if the constraint is removed, carLicense is added and the constraint on uid is enabled again, carLicense cannot be modified. Actual results: all modify options fails. Expected results: Additional info: http://www.openldap.org/its/index.cgi?findid=7168 http://www.openldap.org/its/index.cgi/Software%20Bugs?id=7340;selectid=7340;usearchives=1
Created attachment 823337 [details] Patch slapo-constraint -- include upstream fixes
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-1426.html