directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kevin Hamilton <khamil...@umem.org>
Subject Re: Import LDIF with operational attributes
Date Thu, 11 Apr 2013 14:25:07 GMT
I tried refreshing everything. I tried reloading the schema. I tried
disconnecting and reconnecting. No success. Not sure what the problem is.

Thanks,
Kevin


On Thu, Apr 11, 2013 at 10:16 AM, Pierre-Arnaud Marcelot <pa@marcelot.net>wrote:

> Hi Kevin,
>
> Is it still the case when you "refresh" the root node of your partition,
> and/or disconnect and reconnect the connection to server?
>
> (I am trying to see if it's not a caching side-effect on Studio, here)
>
> Regards,
> Pierre-Arnaud
>
>
> On 11 avr. 2013, at 16:12, Kevin Hamilton <khamilton@umem.org> wrote:
>
> > Hey,
> >
> > I eventually got everyone imported correctly, but now I am noticing
> > something weird. I imported over 1000 users, but now when I log in via
> > Directory Studio, I can no longer see them. If I do an explicit search
> for
> > something like uid=khamilton, I get the result that I exist and I can
> view
> > myself, but if I just go to the place where I should be, there is nothing
> > there.
> >
> > Any ideas as to why I can't see all of the records? I am binded as
> > uid=admin,ou=system.
> >
> > Thanks,
> > Kevin
> >
> >
> > On Wed, Apr 10, 2013 at 3:15 PM, Kiran Ayyagari <kayyagari@apache.org
> >wrote:
> >
> >> On Thu, Apr 11, 2013 at 12:35 AM, Kevin Hamilton <khamilton@umem.org>
> >> wrote:
> >>
> >>> I am using M11 for the import. I was just getting the data from the
> M2. I
> >>>
> >> ahh, I missed the M11 part, ok so far so good
> >>
> >>> think I figured out what was wrong. I actually received an error that
> >> said
> >>> the following:
> >>>
> >>> version: 1
> >>>
> >>> #!RESULT ERROR
> >>> #!CONNECTION ldap://CONNECTION:10636
> >>> #!DATE 2013-04-10T14:41:32.336
> >>> #!ERROR [LDAP: error code 19 - CONSTRAINT_VIOLATION: failed for
> >> MessageType
> >>> : MODIFY_REQUEST Message ID : 432     Modify Request         Object :
> >>> 'uid=BLAH,ou=users,ou=BLAH,ou=system'             Modification[0]
> >>>      Operation :  replace                 Modification objectclass:
> >>> organizationalPerson objectclass: person objectclass: inetOrgPerson
> >>> objectclass: top             Modification[1]                 Operation
> :
> >>> replace                 Modification cn: BLAH
> >> Modification[2]
> >>>                Operation :  replace                 Modification sn:
> >> BLAH
> >>>            Modification[3]                 Operation :  replace
> >>>      Modification mail: BLAH             Modification[4]
> >>> Operation :  replace                 Modification uid: BLAH
> >>> Modification[5]                 Operation :  replace
> >>> Modification userPassword: BLAH'             Modification[6]
> >>>  Operation :  replace                 Modification entryUUID:
> >>> 99cadd12-1170-4dbb-a66c-2237a89d7b12
> >>> org.apache.directory.api.ldap.model.message.ModifyRequestImpl@ba1384fc
> :
> >>> invalid reuse of password present in password history]
> >>>
> >> ok, just disable the password policy till the import completes
> >>
> >>> dn: uid=kfarrell,ou=users,ou=umem,ou=system
> >>> objectclass: organizationalPerson
> >>> objectclass: person
> >>> objectclass: inetOrgPerson
> >>> objectclass: top
> >>> cn: BLAH
> >>> sn: BLAH
> >>> mail: BLAH
> >>> uid: BLAH
> >>> userPassword:: BLAH
> >>> entryUUID:: OTljYWRkMTItMTE3MC00ZGJiLWE2NmMtMjIzN2E4OWQ3YjEy
> >>>
> >>>
> >>> I just thought my password policies has to be updated in the config
> >> LDIF. I
> >>> went in and updated it so that it looks like below (was planning on
> >>> changing them after I got the import to work):
> >>> dn:
> >>>
> >>>
> >>
> ads-pwdId=default,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
> >>> objectClass: top
> >>> objectClass: ads-base
> >>> objectClass: ads-passwordPolicy
> >>> ads-pwdId: default
> >>> ads-pwdSafeModify: FALSE
> >>> ads-pwdMaxAge: 0
> >>> ads-pwdFailureCountInterval: 30
> >>> ads-pwdAttribute: userPassword
> >>> ads-pwdMaxFailure: 10
> >>> ads-pwdLockout: TRUE
> >>> ads-pwdMustChange: FALSE
> >>> ads-pwdLockoutDuration: 0
> >>> ads-pwdMinLength: 5
> >>> ads-pwdInHistory: 5
> >>> ads-pwdExpireWarning: 600
> >>> ads-pwdMinAge: 0
> >>> ads-pwdAllowUserChange: TRUE
> >>> ads-pwdGraceAuthNLimit: 5
> >>> ads-pwdCheckQuality: 0
> >>> ads-pwdMaxLength: 0
> >>> ads-pwdGraceExpire: 0
> >>> ads-pwdMinDelay: 0
> >>> ads-pwdMaxDelay: 0
> >>> ads-pwdMaxIdle: 0
> >>> ads-enabled: TRUE
> >>>
> >>>
> >>> Now when try to start the service, it fails with the following message.
> >> Any
> >>> idea why and if it was something I did when I edited the above values?
> >>>
> >>> no, it looks like the backend files were corrupted, did you kill the
> >> server in the middle of
> >> import?
> >> can you start with a clean base(remove the system folder under
> partitions
> >> directory) and try again
> >>
> >>> wrapper  | --> Wrapper Started as Console
> >>> wrapper  | Launching a JVM...
> >>> jvm 1    | Wrapper (Version 3.2.3) http://wrapper.tanukisoftware.org
> >>> jvm 1    |   Copyright 1999-2006 Tanuki Software, Inc.  All Rights
> >>> Reserved.
> >>> jvm 1    |
> >>> jvm 1    | [14:53:58] ERROR
> >>> [org.apache.directory.server.wrapper.ApacheDsTanukiWrapper] - Failed to
> >>> start the service.
> >>> jvm 1    |
> >> org.apache.directory.api.ldap.model.exception.LdapOtherException
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:84)
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.server.core.DefaultDirectoryService.initialize(DefaultDirectoryService.java:1796)
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.server.core.DefaultDirectoryService.startup(DefaultDirectoryService.java:1227)
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.server.ApacheDsService.initDirectoryService(ApacheDsService.java:315)
> >>> jvm 1    | at
> >>>
> >>
> org.apache.directory.server.ApacheDsService.start(ApacheDsService.java:179)
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.server.wrapper.ApacheDsTanukiWrapper.start(ApacheDsTanukiWrapper.java:72)
> >>> jvm 1    | at
> >>>
> >>
> org.tanukisoftware.wrapper.WrapperManager$12.run(WrapperManager.java:2788)
> >>> jvm 1    | Caused by:
> >>> org.apache.directory.api.ldap.model.exception.LdapOtherException
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:84)
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.server.core.shared.partition.DefaultPartitionNexus.addContextPartition(DefaultPartitionNexus.java:824)
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.server.core.shared.partition.DefaultPartitionNexus.doInit(DefaultPartitionNexus.java:218)
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:79)
> >>> jvm 1    | ... 6 more
> >>> jvm 1    | Caused by:
> >>>
> org.apache.directory.api.ldap.model.exception.LdapOperationErrorException
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.server.core.partition.impl.btree.AbstractBTreePartition.fetch(AbstractBTreePartition.java:1148)
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.server.core.partition.impl.btree.AbstractBTreePartition.lookup(AbstractBTreePartition.java:1058)
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmPartition.doInit(JdbmPartition.java:235)
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:79)
> >>> jvm 1    | ... 9 more
> >>> jvm 1    | Caused by: java.lang.NullPointerException
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.api.ldap.model.entry.StringValue.readExternal(StringValue.java:540)
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.api.ldap.model.entry.StringValue.deserialize(StringValue.java:497)
> >>> jvm 1    | at
> >>>
> org.apache.directory.api.ldap.model.name.Ava.readExternal(Ava.java:1117)
> >>> jvm 1    | at
> >>>
> org.apache.directory.api.ldap.model.name.Rdn.readExternal(Rdn.java:1589)
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.server.core.partition.impl.btree.jdbm.EntrySerializer.deserialize(EntrySerializer.java:184)
> >>> jvm 1    | at jdbm.btree.BPage.deserialize(BPage.java:1188)
> >>> jvm 1    | at jdbm.btree.BPage.deserialize(BPage.java:81)
> >>> jvm 1    | at
> >>> jdbm.recman.BaseRecordManager.fetch(BaseRecordManager.java:329)
> >>> jvm 1    | at
> >>> jdbm.recman.CacheRecordManager.fetch(CacheRecordManager.java:264)
> >>> jvm 1    | at jdbm.btree.BPage.loadBPage(BPage.java:949)
> >>> jvm 1    | at jdbm.btree.BPage.find(BPage.java:280)
> >>> jvm 1    | at jdbm.btree.BTree.find(BTree.java:413)
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmTable.get(JdbmTable.java:325)
> >>> jvm 1    | at
> >>>
> >>>
> >>
> org.apache.directory.server.core.partition.impl.btree.AbstractBTreePartition.fetch(AbstractBTreePartition.java:1119)
> >>> jvm 1    | ... 12 more
> >>> wrapper  | <-- Wrapper Stopped
> >>>
> >>>
> >>> Thanks so much for your help!
> >>>
> >>> - Kevin
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>> On Wed, Apr 10, 2013 at 2:49 PM, Kiran Ayyagari <kayyagari@apache.org
> >>>> wrote:
> >>>
> >>>> just tested, it works with M11, would it be possible for you to move
> to
> >>>> M11? (ofcourse this is the best version than any other previous
> >> versions)
> >>>>
> >>>>
> >>>> On Thu, Apr 11, 2013 at 12:11 AM, Kevin Hamilton <khamilton@umem.org>
> >>>> wrote:
> >>>>
> >>>>> I am binded as uid=admin,ou=system and I receive the following error:
> >>>>>
> >>>>> version: 1
> >>>>>
> >>>>> #!RESULT ERROR
> >>>>> #!CONNECTION ldap://ADDRESS:10636
> >>>>> #!DATE 2013-04-10T14:39:40.824
> >>>>> #!ERROR [LDAP: error code 50 - INSUFFICIENT_ACCESS_RIGHTS: failed
for
> >>>>> MessageType : MODIFY_REQUEST Message ID : 430     Modify Request
> >>>>> Object : 'ou=users,ou=umem,ou=system'             Modification[0]
> >>>>>      Operation :  replace                 Modification objectClass:
> >>>>> organizationalUnit objectClass: top             Modification[1]
> >>>>>    Operation :  replace                 Modification ou: users
> >>>>> Modification[2]                 Operation :  replace
> >>>>> Modification entryUUID: 6d8d6e5d-487d-4d75-abc8-27e8e847f22a
> >>>>>
> >> org.apache.directory.api.ldap.model.message.ModifyRequestImpl@9cc6142c
> >>> :
> >>>>> ERR_52 Cannot modify the attribute : ATTRIBUTE_TYPE ( 1.3.6.1.1.16.4
> >>>> NAME
> >>>>> 'entryUUID'  DESC UUID of the entry  EQUALITY uuidMatch  ORDERING
> >>>>> uuidOrderingMatch  SYNTAX 1.3.6.1.1.16.1  SINGLE-VALUE
> >>>>> NO-USER-MODIFICATION  USAGE directoryOperation  ) ]
> >>>>> dn: ou=users,ou=umem,ou=system
> >>>>> objectClass: organizationalUnit
> >>>>> objectClass: top
> >>>>> ou: users
> >>>>> entryUUID:: NmQ4ZDZlNWQtNDg3ZC00ZDc1LWFiYzgtMjdlOGU4NDdmMjJh
> >>>>>
> >>>>>
> >>>>>
> >>>>> On Wed, Apr 10, 2013 at 2:23 PM, Kiran Ayyagari <
> >> kayyagari@apache.org
> >>>>>> wrote:
> >>>>>
> >>>>>> if you inject as uid=admin,ou=system user the UUID should be
> >>> preserved
> >>>>>> while adding
> >>>>>>
> >>>>>>
> >>>>>> On Wed, Apr 10, 2013 at 11:34 PM, Kevin Hamilton <
> >> khamilton@umem.org
> >>>>
> >>>>>> wrote:
> >>>>>>
> >>>>>>> Hello,
> >>>>>>>
> >>>>>>> We are attempting to migrate some data from our apacheds
2.0.0-M2
> >>> to
> >>>> a
> >>>>>>> newer machine running a 2.0.0-M11 install. When I export
my
> >> users,
> >>> I
> >>>>>> would
> >>>>>>> like to preserve the entryUUID from the initial user creation.
> >>>>>>> Unfortunately, when I try to import an LDIF of users that
> >> contains
> >>>> the
> >>>>>>> entryUUID with it, I receive the error below:
> >>>>>>>
> >>>>>>>
> >>>> org.apache.directory.api.ldap.model.message.ModifyRequestImpl@9ca71e1f
> >>>>> :
> >>>>>>> ERR_52 Cannot modify the attribute : ATTRIBUTE_TYPE (
> >>> 1.3.6.1.1.16.4
> >>>>>> NAME
> >>>>>>> 'entryUUID'  DESC UUID of the entry  EQUALITY uuidMatch
 ORDERING
> >>>>>>> uuidOrderingMatch  SYNTAX 1.3.6.1.1.16.1  SINGLE-VALUE
> >>>>>>> NO-USER-MODIFICATION  USAGE directoryOperation
> >>>>>>>
> >>>>>>> Is there any way I can preserve the entryUUIDs for these
entries?
> >>>>>>>
> >>>>>>>
> >>>>>>> Thanks,
> >>>>>>>
> >>>>>>> Kevin
> >>>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>> --
> >>>>>> Kiran Ayyagari
> >>>>>> http://keydap.com
> >>>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>> --
> >>>>> Kevin Hamilton (khamilton@umem.org)
> >>>>> Application Developer
> >>>>> Department of Emergency Medicine
> >>>>> University of Maryland School of Medicine
> >>>>>
> >>>>
> >>>>
> >>>>
> >>>> --
> >>>> Kiran Ayyagari
> >>>> http://keydap.com
> >>>>
> >>>
> >>>
> >>>
> >>> --
> >>> Kevin Hamilton (khamilton@umem.org)
> >>> Application Developer
> >>> Department of Emergency Medicine
> >>> University of Maryland School of Medicine
> >>>
> >>
> >>
> >>
> >> --
> >> Kiran Ayyagari
> >> http://keydap.com
> >>
> >
> >
> >
> > --
> > Kevin Hamilton (khamilton@umem.org)
> > Application Developer
> > Department of Emergency Medicine
> > University of Maryland School of Medicine
>
>


-- 
Kevin Hamilton (khamilton@umem.org)
Application Developer
Department of Emergency Medicine
University of Maryland School of Medicine

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message