directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <kayyag...@apache.org>
Subject Re: Import LDIF with operational attributes
Date Wed, 10 Apr 2013 19:15:06 GMT
On Thu, Apr 11, 2013 at 12:35 AM, Kevin Hamilton <khamilton@umem.org> wrote:

> I am using M11 for the import. I was just getting the data from the M2. I
>
ahh, I missed the M11 part, ok so far so good

> think I figured out what was wrong. I actually received an error that said
> the following:
>
> version: 1
>
> #!RESULT ERROR
> #!CONNECTION ldap://CONNECTION:10636
> #!DATE 2013-04-10T14:41:32.336
> #!ERROR [LDAP: error code 19 - CONSTRAINT_VIOLATION: failed for MessageType
> : MODIFY_REQUEST Message ID : 432     Modify Request         Object :
> 'uid=BLAH,ou=users,ou=BLAH,ou=system'             Modification[0]
>       Operation :  replace                 Modification objectclass:
> organizationalPerson objectclass: person objectclass: inetOrgPerson
> objectclass: top             Modification[1]                 Operation :
>  replace                 Modification cn: BLAH             Modification[2]
>                 Operation :  replace                 Modification sn: BLAH
>             Modification[3]                 Operation :  replace
>       Modification mail: BLAH             Modification[4]
> Operation :  replace                 Modification uid: BLAH
> Modification[5]                 Operation :  replace
> Modification userPassword: BLAH'             Modification[6]
>   Operation :  replace                 Modification entryUUID:
> 99cadd12-1170-4dbb-a66c-2237a89d7b12
> org.apache.directory.api.ldap.model.message.ModifyRequestImpl@ba1384fc:
> invalid reuse of password present in password history]
>
ok, just disable the password policy till the import completes

> dn: uid=kfarrell,ou=users,ou=umem,ou=system
> objectclass: organizationalPerson
> objectclass: person
> objectclass: inetOrgPerson
> objectclass: top
> cn: BLAH
> sn: BLAH
> mail: BLAH
> uid: BLAH
> userPassword:: BLAH
> entryUUID:: OTljYWRkMTItMTE3MC00ZGJiLWE2NmMtMjIzN2E4OWQ3YjEy
>
>
> I just thought my password policies has to be updated in the config LDIF. I
> went in and updated it so that it looks like below (was planning on
> changing them after I got the import to work):
> dn:
>
> ads-pwdId=default,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
> objectClass: top
> objectClass: ads-base
> objectClass: ads-passwordPolicy
> ads-pwdId: default
> ads-pwdSafeModify: FALSE
> ads-pwdMaxAge: 0
> ads-pwdFailureCountInterval: 30
> ads-pwdAttribute: userPassword
> ads-pwdMaxFailure: 10
> ads-pwdLockout: TRUE
> ads-pwdMustChange: FALSE
> ads-pwdLockoutDuration: 0
> ads-pwdMinLength: 5
> ads-pwdInHistory: 5
> ads-pwdExpireWarning: 600
> ads-pwdMinAge: 0
> ads-pwdAllowUserChange: TRUE
> ads-pwdGraceAuthNLimit: 5
> ads-pwdCheckQuality: 0
> ads-pwdMaxLength: 0
> ads-pwdGraceExpire: 0
> ads-pwdMinDelay: 0
> ads-pwdMaxDelay: 0
> ads-pwdMaxIdle: 0
> ads-enabled: TRUE
>
>
> Now when try to start the service, it fails with the following message. Any
> idea why and if it was something I did when I edited the above values?
>
> no, it looks like the backend files were corrupted, did you kill the
server in the middle of
import?
can you start with a clean base(remove the system folder under partitions
directory) and try again

> wrapper  | --> Wrapper Started as Console
> wrapper  | Launching a JVM...
> jvm 1    | Wrapper (Version 3.2.3) http://wrapper.tanukisoftware.org
> jvm 1    |   Copyright 1999-2006 Tanuki Software, Inc.  All Rights
> Reserved.
> jvm 1    |
> jvm 1    | [14:53:58] ERROR
> [org.apache.directory.server.wrapper.ApacheDsTanukiWrapper] - Failed to
> start the service.
> jvm 1    | org.apache.directory.api.ldap.model.exception.LdapOtherException
> jvm 1    | at
>
> org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:84)
> jvm 1    | at
>
> org.apache.directory.server.core.DefaultDirectoryService.initialize(DefaultDirectoryService.java:1796)
> jvm 1    | at
>
> org.apache.directory.server.core.DefaultDirectoryService.startup(DefaultDirectoryService.java:1227)
> jvm 1    | at
>
> org.apache.directory.server.ApacheDsService.initDirectoryService(ApacheDsService.java:315)
> jvm 1    | at
> org.apache.directory.server.ApacheDsService.start(ApacheDsService.java:179)
> jvm 1    | at
>
> org.apache.directory.server.wrapper.ApacheDsTanukiWrapper.start(ApacheDsTanukiWrapper.java:72)
> jvm 1    | at
> org.tanukisoftware.wrapper.WrapperManager$12.run(WrapperManager.java:2788)
> jvm 1    | Caused by:
> org.apache.directory.api.ldap.model.exception.LdapOtherException
> jvm 1    | at
>
> org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:84)
> jvm 1    | at
>
> org.apache.directory.server.core.shared.partition.DefaultPartitionNexus.addContextPartition(DefaultPartitionNexus.java:824)
> jvm 1    | at
>
> org.apache.directory.server.core.shared.partition.DefaultPartitionNexus.doInit(DefaultPartitionNexus.java:218)
> jvm 1    | at
>
> org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:79)
> jvm 1    | ... 6 more
> jvm 1    | Caused by:
> org.apache.directory.api.ldap.model.exception.LdapOperationErrorException
> jvm 1    | at
>
> org.apache.directory.server.core.partition.impl.btree.AbstractBTreePartition.fetch(AbstractBTreePartition.java:1148)
> jvm 1    | at
>
> org.apache.directory.server.core.partition.impl.btree.AbstractBTreePartition.lookup(AbstractBTreePartition.java:1058)
> jvm 1    | at
>
> org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmPartition.doInit(JdbmPartition.java:235)
> jvm 1    | at
>
> org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:79)
> jvm 1    | ... 9 more
> jvm 1    | Caused by: java.lang.NullPointerException
> jvm 1    | at
>
> org.apache.directory.api.ldap.model.entry.StringValue.readExternal(StringValue.java:540)
> jvm 1    | at
>
> org.apache.directory.api.ldap.model.entry.StringValue.deserialize(StringValue.java:497)
> jvm 1    | at
> org.apache.directory.api.ldap.model.name.Ava.readExternal(Ava.java:1117)
> jvm 1    | at
> org.apache.directory.api.ldap.model.name.Rdn.readExternal(Rdn.java:1589)
> jvm 1    | at
>
> org.apache.directory.server.core.partition.impl.btree.jdbm.EntrySerializer.deserialize(EntrySerializer.java:184)
> jvm 1    | at jdbm.btree.BPage.deserialize(BPage.java:1188)
> jvm 1    | at jdbm.btree.BPage.deserialize(BPage.java:81)
> jvm 1    | at
> jdbm.recman.BaseRecordManager.fetch(BaseRecordManager.java:329)
> jvm 1    | at
> jdbm.recman.CacheRecordManager.fetch(CacheRecordManager.java:264)
> jvm 1    | at jdbm.btree.BPage.loadBPage(BPage.java:949)
> jvm 1    | at jdbm.btree.BPage.find(BPage.java:280)
> jvm 1    | at jdbm.btree.BTree.find(BTree.java:413)
> jvm 1    | at
>
> org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmTable.get(JdbmTable.java:325)
> jvm 1    | at
>
> org.apache.directory.server.core.partition.impl.btree.AbstractBTreePartition.fetch(AbstractBTreePartition.java:1119)
> jvm 1    | ... 12 more
> wrapper  | <-- Wrapper Stopped
>
>
> Thanks so much for your help!
>
> - Kevin
>
>
>
>
>
>
> On Wed, Apr 10, 2013 at 2:49 PM, Kiran Ayyagari <kayyagari@apache.org
> >wrote:
>
> > just tested, it works with M11, would it be possible for you to move to
> > M11? (ofcourse this is the best version than any other previous versions)
> >
> >
> > On Thu, Apr 11, 2013 at 12:11 AM, Kevin Hamilton <khamilton@umem.org>
> > wrote:
> >
> > > I am binded as uid=admin,ou=system and I receive the following error:
> > >
> > > version: 1
> > >
> > > #!RESULT ERROR
> > > #!CONNECTION ldap://ADDRESS:10636
> > > #!DATE 2013-04-10T14:39:40.824
> > > #!ERROR [LDAP: error code 50 - INSUFFICIENT_ACCESS_RIGHTS: failed for
> > > MessageType : MODIFY_REQUEST Message ID : 430     Modify Request
> > > Object : 'ou=users,ou=umem,ou=system'             Modification[0]
> > >       Operation :  replace                 Modification objectClass:
> > > organizationalUnit objectClass: top             Modification[1]
> > >     Operation :  replace                 Modification ou: users
> > > Modification[2]                 Operation :  replace
> > > Modification entryUUID: 6d8d6e5d-487d-4d75-abc8-27e8e847f22a
> > > org.apache.directory.api.ldap.model.message.ModifyRequestImpl@9cc6142c
> :
> > > ERR_52 Cannot modify the attribute : ATTRIBUTE_TYPE ( 1.3.6.1.1.16.4
> >  NAME
> > > 'entryUUID'  DESC UUID of the entry  EQUALITY uuidMatch  ORDERING
> > > uuidOrderingMatch  SYNTAX 1.3.6.1.1.16.1  SINGLE-VALUE
> > >  NO-USER-MODIFICATION  USAGE directoryOperation  ) ]
> > > dn: ou=users,ou=umem,ou=system
> > > objectClass: organizationalUnit
> > > objectClass: top
> > > ou: users
> > > entryUUID:: NmQ4ZDZlNWQtNDg3ZC00ZDc1LWFiYzgtMjdlOGU4NDdmMjJh
> > >
> > >
> > >
> > > On Wed, Apr 10, 2013 at 2:23 PM, Kiran Ayyagari <kayyagari@apache.org
> > > >wrote:
> > >
> > > > if you inject as uid=admin,ou=system user the UUID should be
> preserved
> > > > while adding
> > > >
> > > >
> > > > On Wed, Apr 10, 2013 at 11:34 PM, Kevin Hamilton <khamilton@umem.org
> >
> > > > wrote:
> > > >
> > > > > Hello,
> > > > >
> > > > > We are attempting to migrate some data from our apacheds 2.0.0-M2
> to
> > a
> > > > > newer machine running a 2.0.0-M11 install. When I export my users,
> I
> > > > would
> > > > > like to preserve the entryUUID from the initial user creation.
> > > > > Unfortunately, when I try to import an LDIF of users that contains
> > the
> > > > > entryUUID with it, I receive the error below:
> > > > >
> > > > >
> > org.apache.directory.api.ldap.model.message.ModifyRequestImpl@9ca71e1f
> > > :
> > > > > ERR_52 Cannot modify the attribute : ATTRIBUTE_TYPE (
> 1.3.6.1.1.16.4
> > > >  NAME
> > > > > 'entryUUID'  DESC UUID of the entry  EQUALITY uuidMatch  ORDERING
> > > > > uuidOrderingMatch  SYNTAX 1.3.6.1.1.16.1  SINGLE-VALUE
> > > > > NO-USER-MODIFICATION  USAGE directoryOperation
> > > > >
> > > > > Is there any way I can preserve the entryUUIDs for these entries?
> > > > >
> > > > >
> > > > > Thanks,
> > > > >
> > > > > Kevin
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > Kiran Ayyagari
> > > > http://keydap.com
> > > >
> > >
> > >
> > >
> > > --
> > > Kevin Hamilton (khamilton@umem.org)
> > > Application Developer
> > > Department of Emergency Medicine
> > > University of Maryland School of Medicine
> > >
> >
> >
> >
> > --
> > Kiran Ayyagari
> > http://keydap.com
> >
>
>
>
> --
> Kevin Hamilton (khamilton@umem.org)
> Application Developer
> Department of Emergency Medicine
> University of Maryland School of Medicine
>



-- 
Kiran Ayyagari
http://keydap.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message