directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <Carlo.Acco...@ibs-ag.com>
Subject RE: FW: Null Pointer when importing Ldif entry with pwdPolicySubEntry attribute
Date Mon, 04 Nov 2013 15:14:21 GMT
Hi, not using in embedded mode.  I'll try to further isolate where this is coming from. Thanks.



-----Original Message-----
From: ayyagarikiran@gmail.com [mailto:ayyagarikiran@gmail.com] On Behalf Of Kiran Ayyagari
Sent: Saturday, November 02, 2013 4:25 AM
To: users@directory.apache.org
Subject: Re: FW: Null Pointer when importing Ldif entry with pwdPolicySubEntry attribute

are you running the server in embedded mode?
cause there are checks in code to avoid cases like these and I couldn't reproduce this with
the server running in network mode


On Sat, Nov 2, 2013 at 12:55 AM, <Carlo.Accorsi@ibs-ag.com> wrote:

> Hi, When we upgrade between versions of apacheDS, we dump out an LDIF 
> of all the users including the  pwdChangedTime and pwdPolicySubEntry 
> attributes.
>
> We they all get imported back in, their password are all set to expire 
> (as defined in the policy) in 30 days (+/-) the hour or however long 
> it takes to import.  We were looking to preserve the current period 
> the passwords are valid when uplifting the system.
>
> One idea was to import the pwdChangedTime along with their password 
> policy as defined in pwdPolicySubEntry but keep the policy itself disabled.
> (thereby leaving pwdChangedTime alone) When we tried this, the null 
> pointer occurs that I sent below the other day.  (that example did not 
> include pwdChangedTime)
>
> We thought this might allow us to restore each user's actual password 
> expiry. Then Once everyone is imported, we would re-enable the 
> password policies.
>
> Am I going down a trail here? Thanks.
>
>
> From: Accorsi, Carlo
> Sent: Wednesday, October 30, 2013 3:55 PM
> To: users@directory.apache.org
> Subject: Null Pointer when importing Ldif entry with pwdPolicySubEntry 
> attribute
>
> Hi, we're testing M16-SNAPSHOT . When we import an LDIF (from 
> Directory
> Studio) containing entries that have a pwdPolicySubEntry attribute a 
> null pointer exception occurs.
> The policy defined in the in attribute exists and when 
> ads-enabled=TRUE is set, the entry imports ok. If the policy 
> ads-enabled=FALSE, the NPE is thrown.
>
> Maybe this is the expected behavior? We would in some situations like 
> to bulk load users without the policy enabled, then after everyone is 
> in there, enable the policy.
>
> Thanks!
>
> #!RESULT ERROR
> #!CONNECTION ldap://localhost:10389
> #!DATE 2013-10-30T15:32:25.999
> #!ERROR [LDAP: error code 80 - OTHER: failed for MessageType : 
> ADD_REQUEST Message ID : 19
> Add Request : Entry     dn[n]: uid=1336598819633,ou=users,ou=int,o=cpro
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> uid: 1336598819633
> mail: test@test.com<mailto:test@test.com>
> sn: Test
> givenName: Test
> pwdPolicySubEntry:
> ads-pwdId=cproint,ou=passwordPolicies,ads-interceptorId=authentication
> Interceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
> userPassword: '0x7B 0x53 0x53 0x48 0x41 0x7D 0x32 0x78 0x62 0x6B 0x4E 
> 0x77
> 0x30 0x39 0x4B 0x77 ...'
> title: -none-
> employeeNumber: Test.Test
> cn: Test, Test
> displayName: Test, Test:
> null: java.lang.NullPointerException        at
> org.apache.directory.server.core.authn.AuthenticationInterceptor.check
> (AuthenticationInterceptor.java:1262)
> at
> org.apache.directory.server.core.authn.AuthenticationInterceptor.add(A
> uthenticationInterceptor.java:364)
> at
> org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(
> BaseInterceptor.java:422)
> at
> org.apache.directory.server.core.normalization.NormalizationIntercepto
> r.add(NormalizationInterceptor.java:127)
> at
> org.apache.directory.server.core.DefaultOperationManager.add(DefaultOp
> erationManager.java:394)
> at
> org.apache.directory.server.core.shared.DefaultCoreSession.add(Default
> CoreSession.java:233)
> at
> org.apache.directory.server.core.shared.DefaultCoreSession.add(Default
> CoreSession.java:217)
> at
> org.apache.directory.server.ldap.handlers.request.AddRequestHandler.ha
> ndle(AddRequestHandler.java:57)
> at
> org.apache.directory.server.ldap.handlers.request.AddRequestHandler.ha
> ndle(AddRequestHandler.java:39)
> at
> org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMes
> sage(LdapRequestHandler.java:207)
> at
> org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMes
> sage(LdapRequestHandler.java:56)
> at
> org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(Demuxi
> ngIoHandler.java:221)
> at
> org.apache.directory.server.ldap.LdapProtocolHandler.messageReceived(L
> dapProtocolHandler.java:217)
> at
> org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messa
> geReceived(DefaultIoFilterChain.java:690)
> at
> org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageR
> eceived(DefaultIoFilterChain.java:417)
> at
> org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(Defa
> ultIoFilterChain.java:47)
> at
> org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.mess
> ageReceived(DefaultIoFilterChain.java:765)
> at
> org.apache.mina.core.filterchain.IoFilterEvent.fire(IoFilterEvent.java
> :74) at org.apache.mina.core.session.IoEvent.run(IoEvent.java:63)
> at
> org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.run
> Task(UnorderedThreadPoolExecutor.java:474)
> at
> org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.run
> (UnorderedThreadPoolExecutor.java:428)
> at java.lang.Thread.run(Unknown Source)  ]
> dn: uid=1336598819633,ou=users,ou=int,o=cpro
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> uid: 1336598819633
> mail: test@test.com<mailto:test@test.com>
> sn: Test
> givenName: Test
> pwdPolicySubEntry:
> ads-pwdId=cproint,ou=passwordPolicies,ads-interceptorId=authentication
> Interceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
> userPassword::
> e1NTSEF9Mnhia053MDlLd1dVZE0xMTFXUzQ3K2s5N3JzS3o4UHlYbGF2VUE9PQ==
> title: -none-
> employeeNumber: Test.Test
> cn: Test, Test
> displayName: Test, Test
>
>
>


--
Kiran Ayyagari
http://keydap.com

Mime
View raw message