directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <Carlo.Acco...@ibs-ag.com>
Subject FW: Null Pointer when importing Ldif entry with pwdPolicySubEntry attribute
Date Fri, 01 Nov 2013 19:25:22 GMT
Hi, When we upgrade between versions of apacheDS, we dump out an LDIF of all the users including
the  pwdChangedTime and pwdPolicySubEntry attributes.

We they all get imported back in, their password are all set to expire (as defined in the
policy) in 30 days (+/-) the hour
or however long it takes to import.  We were looking to preserve the current period the passwords
are valid when uplifting the system.

One idea was to import the pwdChangedTime along with their password policy as defined in pwdPolicySubEntry
but keep the policy itself disabled. (thereby leaving pwdChangedTime alone)
When we tried this, the null pointer occurs that I sent below the other day.  (that example
did not include pwdChangedTime)

We thought this might allow us to restore each user's actual password expiry. Then Once everyone
is imported, we would re-enable the password policies.

Am I going down a trail here? Thanks.


From: Accorsi, Carlo
Sent: Wednesday, October 30, 2013 3:55 PM
To: users@directory.apache.org
Subject: Null Pointer when importing Ldif entry with pwdPolicySubEntry attribute

Hi, we're testing M16-SNAPSHOT . When we import an LDIF (from Directory Studio) containing
entries that have a pwdPolicySubEntry attribute a null pointer exception occurs.
The policy defined in the in attribute exists and when ads-enabled=TRUE is set, the entry
imports ok. If the policy ads-enabled=FALSE, the NPE is thrown.

Maybe this is the expected behavior? We would in some situations like to bulk load users without
the policy enabled, then after everyone is in there, enable the policy.

Thanks!

#!RESULT ERROR
#!CONNECTION ldap://localhost:10389
#!DATE 2013-10-30T15:32:25.999
#!ERROR [LDAP: error code 80 - OTHER: failed for MessageType : ADD_REQUEST Message ID : 19
Add Request : Entry     dn[n]: uid=1336598819633,ou=users,ou=int,o=cpro
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: 1336598819633
mail: test@test.com<mailto:test@test.com>
sn: Test
givenName: Test
pwdPolicySubEntry: ads-pwdId=cproint,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
userPassword: '0x7B 0x53 0x53 0x48 0x41 0x7D 0x32 0x78 0x62 0x6B 0x4E 0x77 0x30 0x39 0x4B
0x77 ...'
title: -none-
employeeNumber: Test.Test
cn: Test, Test
displayName: Test, Test:
null: java.lang.NullPointerException        at org.apache.directory.server.core.authn.AuthenticationInterceptor.check(AuthenticationInterceptor.java:1262)
at org.apache.directory.server.core.authn.AuthenticationInterceptor.add(AuthenticationInterceptor.java:364)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:422)
at org.apache.directory.server.core.normalization.NormalizationInterceptor.add(NormalizationInterceptor.java:127)
at org.apache.directory.server.core.DefaultOperationManager.add(DefaultOperationManager.java:394)
at org.apache.directory.server.core.shared.DefaultCoreSession.add(DefaultCoreSession.java:233)
at org.apache.directory.server.core.shared.DefaultCoreSession.add(DefaultCoreSession.java:217)
at org.apache.directory.server.ldap.handlers.request.AddRequestHandler.handle(AddRequestHandler.java:57)
at org.apache.directory.server.ldap.handlers.request.AddRequestHandler.handle(AddRequestHandler.java:39)
at org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:207)
at org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:56)
at org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(DemuxingIoHandler.java:221)
at org.apache.directory.server.ldap.LdapProtocolHandler.messageReceived(LdapProtocolHandler.java:217)
at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:690)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765)
at org.apache.mina.core.filterchain.IoFilterEvent.fire(IoFilterEvent.java:74)
at org.apache.mina.core.session.IoEvent.run(IoEvent.java:63)
at org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.runTask(UnorderedThreadPoolExecutor.java:474)
at org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.run(UnorderedThreadPoolExecutor.java:428)
at java.lang.Thread.run(Unknown Source)  ]
dn: uid=1336598819633,ou=users,ou=int,o=cpro
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: 1336598819633
mail: test@test.com<mailto:test@test.com>
sn: Test
givenName: Test
pwdPolicySubEntry: ads-pwdId=cproint,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
userPassword:: e1NTSEF9Mnhia053MDlLd1dVZE0xMTFXUzQ3K2s5N3JzS3o4UHlYbGF2VUE9PQ==
title: -none-
employeeNumber: Test.Test
cn: Test, Test
displayName: Test, Test



Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message