directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alex Karasulu" <>
Subject Re: LS Possible Bug?
Date Mon, 23 Apr 2007 18:12:34 GMT

On 4/23/07, Stefan Seelmann <> wrote:

> Then I copied:
> > ou=users,ou=system
> >
> > And pasted it in ou=das.
> >
> > This is probably not a valid operation (Although
> > it looks as if LS is smart enough to rename the entry
> > properly, substituting ou=das for ou=system),
> > so I get this:
> From LS point of view this is a valid operation. It just copies the
> relative entry with its RDN. It behaves like when you copy a folder in
> your favorite filesystem browser.
> >
> > Error while copying entry
> > [LDAP: error code 32 - failed to add entry ou=users,ou=das:
> > ou=users,ou=das]
> >   [LDAP: error code 32 - failed to add entry ou=users,ou=das:
> > ou=users,ou=das]
> >
> Error 32 is a response from the server. So please check the server logs
> for details.
> >
> > However, LS still paints it as if it was added.
> >
> > If I select the ou=das partition and hit
> > F5 for a refresh, the painted entry disappears.
> >
> > Thoughts?
> Yep, you are right. That is a bug in LS. If the operation fails there is
> an inconsistency between the model and the directory. Could you please
> file a Jira?


On second thought this may be a server bug or limitation.  If you are using
a JNDI rename operation in LS which I think is the case then a move
operation is the case then you're performing what is internally a move()
operation.  The problem is move operations in ApacheDS are limited to the
same partition.  I don't know for sure but I'm about 80% certain of it.

So if Ole is trying to move a branch from one partition to another the
server will reject the operation or there will be some internal error.  The
only way to move a branch in ApacheDS today from one partition to another is
to do an LDIF export, massage the data with a regex and then import the LDIF
back in.

Sorry about this.

Making this operation work across partitions will cost in terms of
performance however the implementation of the operation is simple enough to
implement quickly.

Ole can you try something for me?  Create a dummy entry (anything under
ou=system).  Create some new container in ou=system like ou=temp,ou=system
and see if you can move that dummy entry (other than ou=users) into it.
This should work since you're in the same partition.

Then try to move the dummy entry from the system partition into your das
partition and see how that goes.  I suspect this will fail.

BTW the reason why I don't want to work with ou=users is because the default
authorization manager might be protecting it from move operations.  As you
can immaging this could be a very dangerous operation to perform.


View raw message