directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <kayyag...@apache.org>
Subject Re: FW: Null Pointer when importing Ldif entry with pwdPolicySubEntry attribute
Date Sat, 02 Nov 2013 08:24:50 GMT
are you running the server in embedded mode?
cause there are checks in code to avoid cases like these
and I couldn't reproduce this with the server running in network mode


On Sat, Nov 2, 2013 at 12:55 AM, <Carlo.Accorsi@ibs-ag.com> wrote:

> Hi, When we upgrade between versions of apacheDS, we dump out an LDIF of
> all the users including the  pwdChangedTime and pwdPolicySubEntry
> attributes.
>
> We they all get imported back in, their password are all set to expire (as
> defined in the policy) in 30 days (+/-) the hour
> or however long it takes to import.  We were looking to preserve the
> current period the passwords are valid when uplifting the system.
>
> One idea was to import the pwdChangedTime along with their password policy
> as defined in pwdPolicySubEntry but keep the policy itself disabled.
> (thereby leaving pwdChangedTime alone)
> When we tried this, the null pointer occurs that I sent below the other
> day.  (that example did not include pwdChangedTime)
>
> We thought this might allow us to restore each user's actual password
> expiry. Then Once everyone is imported, we would re-enable the password
> policies.
>
> Am I going down a trail here? Thanks.
>
>
> From: Accorsi, Carlo
> Sent: Wednesday, October 30, 2013 3:55 PM
> To: users@directory.apache.org
> Subject: Null Pointer when importing Ldif entry with pwdPolicySubEntry
> attribute
>
> Hi, we're testing M16-SNAPSHOT . When we import an LDIF (from Directory
> Studio) containing entries that have a pwdPolicySubEntry attribute a null
> pointer exception occurs.
> The policy defined in the in attribute exists and when ads-enabled=TRUE is
> set, the entry imports ok. If the policy ads-enabled=FALSE, the NPE is
> thrown.
>
> Maybe this is the expected behavior? We would in some situations like to
> bulk load users without the policy enabled, then after everyone is in
> there, enable the policy.
>
> Thanks!
>
> #!RESULT ERROR
> #!CONNECTION ldap://localhost:10389
> #!DATE 2013-10-30T15:32:25.999
> #!ERROR [LDAP: error code 80 - OTHER: failed for MessageType : ADD_REQUEST
> Message ID : 19
> Add Request : Entry     dn[n]: uid=1336598819633,ou=users,ou=int,o=cpro
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> uid: 1336598819633
> mail: test@test.com<mailto:test@test.com>
> sn: Test
> givenName: Test
> pwdPolicySubEntry:
> ads-pwdId=cproint,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
> userPassword: '0x7B 0x53 0x53 0x48 0x41 0x7D 0x32 0x78 0x62 0x6B 0x4E 0x77
> 0x30 0x39 0x4B 0x77 ...'
> title: -none-
> employeeNumber: Test.Test
> cn: Test, Test
> displayName: Test, Test:
> null: java.lang.NullPointerException        at
> org.apache.directory.server.core.authn.AuthenticationInterceptor.check(AuthenticationInterceptor.java:1262)
> at
> org.apache.directory.server.core.authn.AuthenticationInterceptor.add(AuthenticationInterceptor.java:364)
> at
> org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:422)
> at
> org.apache.directory.server.core.normalization.NormalizationInterceptor.add(NormalizationInterceptor.java:127)
> at
> org.apache.directory.server.core.DefaultOperationManager.add(DefaultOperationManager.java:394)
> at
> org.apache.directory.server.core.shared.DefaultCoreSession.add(DefaultCoreSession.java:233)
> at
> org.apache.directory.server.core.shared.DefaultCoreSession.add(DefaultCoreSession.java:217)
> at
> org.apache.directory.server.ldap.handlers.request.AddRequestHandler.handle(AddRequestHandler.java:57)
> at
> org.apache.directory.server.ldap.handlers.request.AddRequestHandler.handle(AddRequestHandler.java:39)
> at
> org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:207)
> at
> org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:56)
> at
> org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(DemuxingIoHandler.java:221)
> at
> org.apache.directory.server.ldap.LdapProtocolHandler.messageReceived(LdapProtocolHandler.java:217)
> at
> org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:690)
> at
> org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417)
> at
> org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
> at
> org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765)
> at
> org.apache.mina.core.filterchain.IoFilterEvent.fire(IoFilterEvent.java:74)
> at org.apache.mina.core.session.IoEvent.run(IoEvent.java:63)
> at
> org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.runTask(UnorderedThreadPoolExecutor.java:474)
> at
> org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.run(UnorderedThreadPoolExecutor.java:428)
> at java.lang.Thread.run(Unknown Source)  ]
> dn: uid=1336598819633,ou=users,ou=int,o=cpro
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> uid: 1336598819633
> mail: test@test.com<mailto:test@test.com>
> sn: Test
> givenName: Test
> pwdPolicySubEntry:
> ads-pwdId=cproint,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
> userPassword::
> e1NTSEF9Mnhia053MDlLd1dVZE0xMTFXUzQ3K2s5N3JzS3o4UHlYbGF2VUE9PQ==
> title: -none-
> employeeNumber: Test.Test
> cn: Test, Test
> displayName: Test, Test
>
>
>


-- 
Kiran Ayyagari
http://keydap.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message