directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pierre-Arnaud Marcelot ...@marcelot.net>
Subject Re: Import LDIF with operational attributes
Date Thu, 11 Apr 2013 14:34:05 GMT
Ok thanks for trying out.

It must be something wrong in the server then, I guess.

Regards,
Pierre-Arnaud

On 11 avr. 2013, at 16:25, Kevin Hamilton <khamilton@umem.org> wrote:

> I tried refreshing everything. I tried reloading the schema. I tried
> disconnecting and reconnecting. No success. Not sure what the problem is.
> 
> Thanks,
> Kevin
> 
> 
> On Thu, Apr 11, 2013 at 10:16 AM, Pierre-Arnaud Marcelot <pa@marcelot.net>wrote:
> 
>> Hi Kevin,
>> 
>> Is it still the case when you "refresh" the root node of your partition,
>> and/or disconnect and reconnect the connection to server?
>> 
>> (I am trying to see if it's not a caching side-effect on Studio, here)
>> 
>> Regards,
>> Pierre-Arnaud
>> 
>> 
>> On 11 avr. 2013, at 16:12, Kevin Hamilton <khamilton@umem.org> wrote:
>> 
>>> Hey,
>>> 
>>> I eventually got everyone imported correctly, but now I am noticing
>>> something weird. I imported over 1000 users, but now when I log in via
>>> Directory Studio, I can no longer see them. If I do an explicit search
>> for
>>> something like uid=khamilton, I get the result that I exist and I can
>> view
>>> myself, but if I just go to the place where I should be, there is nothing
>>> there.
>>> 
>>> Any ideas as to why I can't see all of the records? I am binded as
>>> uid=admin,ou=system.
>>> 
>>> Thanks,
>>> Kevin
>>> 
>>> 
>>> On Wed, Apr 10, 2013 at 3:15 PM, Kiran Ayyagari <kayyagari@apache.org
>>> wrote:
>>> 
>>>> On Thu, Apr 11, 2013 at 12:35 AM, Kevin Hamilton <khamilton@umem.org>
>>>> wrote:
>>>> 
>>>>> I am using M11 for the import. I was just getting the data from the
>> M2. I
>>>>> 
>>>> ahh, I missed the M11 part, ok so far so good
>>>> 
>>>>> think I figured out what was wrong. I actually received an error that
>>>> said
>>>>> the following:
>>>>> 
>>>>> version: 1
>>>>> 
>>>>> #!RESULT ERROR
>>>>> #!CONNECTION ldap://CONNECTION:10636
>>>>> #!DATE 2013-04-10T14:41:32.336
>>>>> #!ERROR [LDAP: error code 19 - CONSTRAINT_VIOLATION: failed for
>>>> MessageType
>>>>> : MODIFY_REQUEST Message ID : 432     Modify Request         Object :
>>>>> 'uid=BLAH,ou=users,ou=BLAH,ou=system'             Modification[0]
>>>>>     Operation :  replace                 Modification objectclass:
>>>>> organizationalPerson objectclass: person objectclass: inetOrgPerson
>>>>> objectclass: top             Modification[1]                 Operation
>> :
>>>>> replace                 Modification cn: BLAH
>>>> Modification[2]
>>>>>               Operation :  replace                 Modification sn:
>>>> BLAH
>>>>>           Modification[3]                 Operation :  replace
>>>>>     Modification mail: BLAH             Modification[4]
>>>>> Operation :  replace                 Modification uid: BLAH
>>>>> Modification[5]                 Operation :  replace
>>>>> Modification userPassword: BLAH'             Modification[6]
>>>>> Operation :  replace                 Modification entryUUID:
>>>>> 99cadd12-1170-4dbb-a66c-2237a89d7b12
>>>>> org.apache.directory.api.ldap.model.message.ModifyRequestImpl@ba1384fc
>> :
>>>>> invalid reuse of password present in password history]
>>>>> 
>>>> ok, just disable the password policy till the import completes
>>>> 
>>>>> dn: uid=kfarrell,ou=users,ou=umem,ou=system
>>>>> objectclass: organizationalPerson
>>>>> objectclass: person
>>>>> objectclass: inetOrgPerson
>>>>> objectclass: top
>>>>> cn: BLAH
>>>>> sn: BLAH
>>>>> mail: BLAH
>>>>> uid: BLAH
>>>>> userPassword:: BLAH
>>>>> entryUUID:: OTljYWRkMTItMTE3MC00ZGJiLWE2NmMtMjIzN2E4OWQ3YjEy
>>>>> 
>>>>> 
>>>>> I just thought my password policies has to be updated in the config
>>>> LDIF. I
>>>>> went in and updated it so that it looks like below (was planning on
>>>>> changing them after I got the import to work):
>>>>> dn:
>>>>> 
>>>>> 
>>>> 
>> ads-pwdId=default,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
>>>>> objectClass: top
>>>>> objectClass: ads-base
>>>>> objectClass: ads-passwordPolicy
>>>>> ads-pwdId: default
>>>>> ads-pwdSafeModify: FALSE
>>>>> ads-pwdMaxAge: 0
>>>>> ads-pwdFailureCountInterval: 30
>>>>> ads-pwdAttribute: userPassword
>>>>> ads-pwdMaxFailure: 10
>>>>> ads-pwdLockout: TRUE
>>>>> ads-pwdMustChange: FALSE
>>>>> ads-pwdLockoutDuration: 0
>>>>> ads-pwdMinLength: 5
>>>>> ads-pwdInHistory: 5
>>>>> ads-pwdExpireWarning: 600
>>>>> ads-pwdMinAge: 0
>>>>> ads-pwdAllowUserChange: TRUE
>>>>> ads-pwdGraceAuthNLimit: 5
>>>>> ads-pwdCheckQuality: 0
>>>>> ads-pwdMaxLength: 0
>>>>> ads-pwdGraceExpire: 0
>>>>> ads-pwdMinDelay: 0
>>>>> ads-pwdMaxDelay: 0
>>>>> ads-pwdMaxIdle: 0
>>>>> ads-enabled: TRUE
>>>>> 
>>>>> 
>>>>> Now when try to start the service, it fails with the following message.
>>>> Any
>>>>> idea why and if it was something I did when I edited the above values?
>>>>> 
>>>>> no, it looks like the backend files were corrupted, did you kill the
>>>> server in the middle of
>>>> import?
>>>> can you start with a clean base(remove the system folder under
>> partitions
>>>> directory) and try again
>>>> 
>>>>> wrapper  | --> Wrapper Started as Console
>>>>> wrapper  | Launching a JVM...
>>>>> jvm 1    | Wrapper (Version 3.2.3) http://wrapper.tanukisoftware.org
>>>>> jvm 1    |   Copyright 1999-2006 Tanuki Software, Inc.  All Rights
>>>>> Reserved.
>>>>> jvm 1    |
>>>>> jvm 1    | [14:53:58] ERROR
>>>>> [org.apache.directory.server.wrapper.ApacheDsTanukiWrapper] - Failed
to
>>>>> start the service.
>>>>> jvm 1    |
>>>> org.apache.directory.api.ldap.model.exception.LdapOtherException
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:84)
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.server.core.DefaultDirectoryService.initialize(DefaultDirectoryService.java:1796)
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.server.core.DefaultDirectoryService.startup(DefaultDirectoryService.java:1227)
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.server.ApacheDsService.initDirectoryService(ApacheDsService.java:315)
>>>>> jvm 1    | at
>>>>> 
>>>> 
>> org.apache.directory.server.ApacheDsService.start(ApacheDsService.java:179)
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.server.wrapper.ApacheDsTanukiWrapper.start(ApacheDsTanukiWrapper.java:72)
>>>>> jvm 1    | at
>>>>> 
>>>> 
>> org.tanukisoftware.wrapper.WrapperManager$12.run(WrapperManager.java:2788)
>>>>> jvm 1    | Caused by:
>>>>> org.apache.directory.api.ldap.model.exception.LdapOtherException
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:84)
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.server.core.shared.partition.DefaultPartitionNexus.addContextPartition(DefaultPartitionNexus.java:824)
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.server.core.shared.partition.DefaultPartitionNexus.doInit(DefaultPartitionNexus.java:218)
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:79)
>>>>> jvm 1    | ... 6 more
>>>>> jvm 1    | Caused by:
>>>>> 
>> org.apache.directory.api.ldap.model.exception.LdapOperationErrorException
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.server.core.partition.impl.btree.AbstractBTreePartition.fetch(AbstractBTreePartition.java:1148)
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.server.core.partition.impl.btree.AbstractBTreePartition.lookup(AbstractBTreePartition.java:1058)
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmPartition.doInit(JdbmPartition.java:235)
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:79)
>>>>> jvm 1    | ... 9 more
>>>>> jvm 1    | Caused by: java.lang.NullPointerException
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.api.ldap.model.entry.StringValue.readExternal(StringValue.java:540)
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.api.ldap.model.entry.StringValue.deserialize(StringValue.java:497)
>>>>> jvm 1    | at
>>>>> 
>> org.apache.directory.api.ldap.model.name.Ava.readExternal(Ava.java:1117)
>>>>> jvm 1    | at
>>>>> 
>> org.apache.directory.api.ldap.model.name.Rdn.readExternal(Rdn.java:1589)
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.server.core.partition.impl.btree.jdbm.EntrySerializer.deserialize(EntrySerializer.java:184)
>>>>> jvm 1    | at jdbm.btree.BPage.deserialize(BPage.java:1188)
>>>>> jvm 1    | at jdbm.btree.BPage.deserialize(BPage.java:81)
>>>>> jvm 1    | at
>>>>> jdbm.recman.BaseRecordManager.fetch(BaseRecordManager.java:329)
>>>>> jvm 1    | at
>>>>> jdbm.recman.CacheRecordManager.fetch(CacheRecordManager.java:264)
>>>>> jvm 1    | at jdbm.btree.BPage.loadBPage(BPage.java:949)
>>>>> jvm 1    | at jdbm.btree.BPage.find(BPage.java:280)
>>>>> jvm 1    | at jdbm.btree.BTree.find(BTree.java:413)
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmTable.get(JdbmTable.java:325)
>>>>> jvm 1    | at
>>>>> 
>>>>> 
>>>> 
>> org.apache.directory.server.core.partition.impl.btree.AbstractBTreePartition.fetch(AbstractBTreePartition.java:1119)
>>>>> jvm 1    | ... 12 more
>>>>> wrapper  | <-- Wrapper Stopped
>>>>> 
>>>>> 
>>>>> Thanks so much for your help!
>>>>> 
>>>>> - Kevin
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> On Wed, Apr 10, 2013 at 2:49 PM, Kiran Ayyagari <kayyagari@apache.org
>>>>>> wrote:
>>>>> 
>>>>>> just tested, it works with M11, would it be possible for you to move
>> to
>>>>>> M11? (ofcourse this is the best version than any other previous
>>>> versions)
>>>>>> 
>>>>>> 
>>>>>> On Thu, Apr 11, 2013 at 12:11 AM, Kevin Hamilton <khamilton@umem.org>
>>>>>> wrote:
>>>>>> 
>>>>>>> I am binded as uid=admin,ou=system and I receive the following
error:
>>>>>>> 
>>>>>>> version: 1
>>>>>>> 
>>>>>>> #!RESULT ERROR
>>>>>>> #!CONNECTION ldap://ADDRESS:10636
>>>>>>> #!DATE 2013-04-10T14:39:40.824
>>>>>>> #!ERROR [LDAP: error code 50 - INSUFFICIENT_ACCESS_RIGHTS: failed
for
>>>>>>> MessageType : MODIFY_REQUEST Message ID : 430     Modify Request
>>>>>>> Object : 'ou=users,ou=umem,ou=system'             Modification[0]
>>>>>>>     Operation :  replace                 Modification objectClass:
>>>>>>> organizationalUnit objectClass: top             Modification[1]
>>>>>>>   Operation :  replace                 Modification ou: users
>>>>>>> Modification[2]                 Operation :  replace
>>>>>>> Modification entryUUID: 6d8d6e5d-487d-4d75-abc8-27e8e847f22a
>>>>>>> 
>>>> org.apache.directory.api.ldap.model.message.ModifyRequestImpl@9cc6142c
>>>>> :
>>>>>>> ERR_52 Cannot modify the attribute : ATTRIBUTE_TYPE ( 1.3.6.1.1.16.4
>>>>>> NAME
>>>>>>> 'entryUUID'  DESC UUID of the entry  EQUALITY uuidMatch  ORDERING
>>>>>>> uuidOrderingMatch  SYNTAX 1.3.6.1.1.16.1  SINGLE-VALUE
>>>>>>> NO-USER-MODIFICATION  USAGE directoryOperation  ) ]
>>>>>>> dn: ou=users,ou=umem,ou=system
>>>>>>> objectClass: organizationalUnit
>>>>>>> objectClass: top
>>>>>>> ou: users
>>>>>>> entryUUID:: NmQ4ZDZlNWQtNDg3ZC00ZDc1LWFiYzgtMjdlOGU4NDdmMjJh
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> On Wed, Apr 10, 2013 at 2:23 PM, Kiran Ayyagari <
>>>> kayyagari@apache.org
>>>>>>>> wrote:
>>>>>>> 
>>>>>>>> if you inject as uid=admin,ou=system user the UUID should
be
>>>>> preserved
>>>>>>>> while adding
>>>>>>>> 
>>>>>>>> 
>>>>>>>> On Wed, Apr 10, 2013 at 11:34 PM, Kevin Hamilton <
>>>> khamilton@umem.org
>>>>>> 
>>>>>>>> wrote:
>>>>>>>> 
>>>>>>>>> Hello,
>>>>>>>>> 
>>>>>>>>> We are attempting to migrate some data from our apacheds
2.0.0-M2
>>>>> to
>>>>>> a
>>>>>>>>> newer machine running a 2.0.0-M11 install. When I export
my
>>>> users,
>>>>> I
>>>>>>>> would
>>>>>>>>> like to preserve the entryUUID from the initial user
creation.
>>>>>>>>> Unfortunately, when I try to import an LDIF of users
that
>>>> contains
>>>>>> the
>>>>>>>>> entryUUID with it, I receive the error below:
>>>>>>>>> 
>>>>>>>>> 
>>>>>> org.apache.directory.api.ldap.model.message.ModifyRequestImpl@9ca71e1f
>>>>>>> :
>>>>>>>>> ERR_52 Cannot modify the attribute : ATTRIBUTE_TYPE (
>>>>> 1.3.6.1.1.16.4
>>>>>>>> NAME
>>>>>>>>> 'entryUUID'  DESC UUID of the entry  EQUALITY uuidMatch
 ORDERING
>>>>>>>>> uuidOrderingMatch  SYNTAX 1.3.6.1.1.16.1  SINGLE-VALUE
>>>>>>>>> NO-USER-MODIFICATION  USAGE directoryOperation
>>>>>>>>> 
>>>>>>>>> Is there any way I can preserve the entryUUIDs for these
entries?
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> Thanks,
>>>>>>>>> 
>>>>>>>>> Kevin
>>>>>>>>> 
>>>>>>>> 
>>>>>>>> 
>>>>>>>> 
>>>>>>>> --
>>>>>>>> Kiran Ayyagari
>>>>>>>> http://keydap.com
>>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> --
>>>>>>> Kevin Hamilton (khamilton@umem.org)
>>>>>>> Application Developer
>>>>>>> Department of Emergency Medicine
>>>>>>> University of Maryland School of Medicine
>>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> --
>>>>>> Kiran Ayyagari
>>>>>> http://keydap.com
>>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> --
>>>>> Kevin Hamilton (khamilton@umem.org)
>>>>> Application Developer
>>>>> Department of Emergency Medicine
>>>>> University of Maryland School of Medicine
>>>>> 
>>>> 
>>>> 
>>>> 
>>>> --
>>>> Kiran Ayyagari
>>>> http://keydap.com
>>>> 
>>> 
>>> 
>>> 
>>> --
>>> Kevin Hamilton (khamilton@umem.org)
>>> Application Developer
>>> Department of Emergency Medicine
>>> University of Maryland School of Medicine
>> 
>> 
> 
> 
> -- 
> Kevin Hamilton (khamilton@umem.org)
> Application Developer
> Department of Emergency Medicine
> University of Maryland School of Medicine


Mime
View raw message