directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From houmles <houm...@gmail.com>
Subject Re: replication partially working
Date Fri, 11 May 2012 13:27:07 GMT
Found something more..
I have ou object and description in it. I can modify that description
and replicate it as long as administrativeRole is not present.
When I add administrativeRole, I got this error when I try to modify or
add any attribute:

jvm 1    | [15:21:29] ERROR
[org.apache.directory.server.core.schema.SchemaInterceptor] - ERR_54
Cannot add a value which is already present : accessControlSpecificArea
jvm 1    | [15:21:29] ERROR
[org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl]
- ERR_54 Cannot add a value which is already present :
accessControlSpecificArea
jvm 1    |
org.apache.directory.shared.ldap.model.exception.LdapAttributeInUseException:
ERR_54 Cannot add a value which is already present :
accessControlSpecificArea
jvm 1    |     at
org.apache.directory.server.core.schema.SchemaInterceptor.checkModifyEntry(SchemaInterceptor.java:858)
jvm 1    |     at
org.apache.directory.server.core.schema.SchemaInterceptor.modify(SchemaInterceptor.java:1390)
jvm 1    |     at
org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:599)
jvm 1    |     at
org.apache.directory.server.core.hash.PasswordHashingInterceptor.modify(PasswordHashingInterceptor.java:113)
jvm 1    |     at
org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:599)
jvm 1    |     at
org.apache.directory.server.core.kerberos.KeyDerivationInterceptor.modify(KeyDerivationInterceptor.java:164)
jvm 1    |     at
org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:599)
jvm 1    |     at
org.apache.directory.server.core.exception.ExceptionInterceptor.modify(ExceptionInterceptor.java:298)
jvm 1    |     at
org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:599)
jvm 1    |     at
org.apache.directory.server.core.authz.DefaultAuthorizationInterceptor.modify(DefaultAuthorizationInterceptor.java:288)
jvm 1    |     at
org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:599)
jvm 1    |     at
org.apache.directory.server.core.authz.AciAuthorizationInterceptor.modify(AciAuthorizationInterceptor.java:855)
jvm 1    |     at
org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:599)
jvm 1    |     at
org.apache.directory.server.core.referral.ReferralInterceptor.modify(ReferralInterceptor.java:309)
jvm 1    |     at
org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:599)
jvm 1    |     at
org.apache.directory.server.core.authn.AuthenticationInterceptor.modify(AuthenticationInterceptor.java:1050)
jvm 1    |     at
org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:599)
jvm 1    |     at
org.apache.directory.server.core.normalization.NormalizationInterceptor.modify(NormalizationInterceptor.java:248)
jvm 1    |     at
org.apache.directory.server.core.DefaultOperationManager.modify(DefaultOperationManager.java:660)
jvm 1    |     at
org.apache.directory.server.core.shared.DefaultCoreSession.modify(DefaultCoreSession.java:590)
jvm 1    |     at
org.apache.directory.server.core.shared.DefaultCoreSession.modify(DefaultCoreSession.java:564)
jvm 1    |     at
org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.modify(ReplicationConsumerImpl.java:985)
jvm 1    |     at
org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.handleSearchResult(ReplicationConsumerImpl.java:361)
jvm 1    |     at
org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.doSyncSearch(ReplicationConsumerImpl.java:618)
jvm 1    |     at
org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.startSync(ReplicationConsumerImpl.java:505)
jvm 1    |     at
org.apache.directory.server.ldap.replication.consumer.ReplicationConsumerImpl.start(ReplicationConsumerImpl.java:548)
jvm 1    |     at
org.apache.directory.server.ldap.LdapServer$2.run(LdapServer.java:660)
jvm 1    |     at java.lang.Thread.run(Thread.java:722)


On 05/11/2012 12:03 PM, Emmanuel Lécharny wrote:
> Le 5/11/12 11:12 AM, houmles a écrit :
>> Guys i found the problem and don't know how to solve it..
>> DN's which have ACLs on them (administrativerole, accesscontrolsubentry)
>> don't replicate attributes even when I grant everything for everyone.
>> When i remove ACLs, everything works.
>> I tested this on both master and slave clear servers, just added new
>> partition, DN and ACL on it.
>> I suppose this is not intended. Maybe its bug?
>
> I wonder if we transfert Operational Attributes. Can you add the
> followin values :
> ads-replattributes: administrativeRole
> ads-replattributes: accessControlSubentry
>
>
>

Mime
View raw message