OpenLDAP error "Undefined attribute type (17)"
by lqoreader from LinuxQuestions.org on (#4R2NV)
Hi LDAP Pros!
On my experimental OpenLDAP server version 2.4.44 on platform CentOS Linux release 7.6.1810 (Core) I experience an "Undefined attribute type (17)" error trying to reset LDAP users' password by invoking
Code:ldappasswd -x -H ldap://localhost -D "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" -w 121110987654321 -a 121110987654321 -s 123456789101112It's the same trying to reset the users password by LDAPAdmin GUI.
It is clear that the error code 17 means (see: https://ldap.com/ldap-result-code-re...ttributeType):
Quote:
I set the loglevel in slapd.conf to Code:-1 but I cannot identify the error in the logfile /var/log/openldap.log :
Code:daemon: activity on 1 descriptor
daemon: activity on:
on:
slap_listener_activate(9):
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
daemon: epoll: listen=9 busy
>>> slap_listener(ldap:///)
daemon: listen=9, new connection on 14
daemon: activity on 1 descriptor
daemon: activity on:
on:
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
daemon: epoll: listen=9 active_threads=0 tvp=zero
daemon: added 14r (active) listener=(nil)
conn=1043 fd=14 ACCEPT from IP=[::1]:55936 (IP=[::]:389)
daemon: activity on 2 descriptors
daemon: activity on:
14r
14r
daemon: read active on 14
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
daemon: epoll: listen=9 active_threads=0 tvp=zero
connection_get(14)
connection_get(14): got connid=1043
connection_read(14): checking for input on id=1043
op tag 0x60, time 1569336140
conn=1043 op=0 do_bind
daemon: activity on 1 descriptor
>>> dnPrettyNormal: <mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com>
daemon: activity on:
on:
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
daemon: epoll: listen=9 active_threads=0 tvp=zero
<<< dnPrettyNormal: <mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com>, <mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com>
conn=1043 op=0 BIND dn="mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" method=128
do_bind: version=3 dn="mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" method=128
==> mdb_bind: dn: mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com
mdb_dn2entry("mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com")
=> mdb_dn2id("mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com")
<= mdb_dn2id: got id=0x2cc
=> mdb_entry_decode:
<= mdb_entry_decode
=> access_allowed: result not in cache (userPassword)
=> access_allowed: auth access to "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" "userPassword" requested
=> acl_get: [1] attr userPassword
=> acl_mask: access to entry "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com", attr "userPassword" requested
=> acl_mask: to value by "", (=0)
<= check a_dn_pat: anonymous
<= acl_mask: [1] applying auth(=xd) (stop)
<= acl_mask: [1] mask: auth(=xd)
=> slap_access_allowed: auth access granted by auth(=xd)
=> access_allowed: auth access granted by auth(=xd)
conn=1043 op=0 BIND dn="mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" mech=SIMPLE ssf=0
do_bind: v3 bind: "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" to "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com"
send_ldap_result: conn=1043 op=0 p=3
send_ldap_result: err=0 matched="" text=""
send_ldap_response: msgid=1 tag=97 err=0
conn=1043 op=0 RESULT tag=97 err=0 text=
daemon: activity on 1 descriptor
daemon: activity on:
14r
14r
daemon: read active on 14
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
connection_get(14)
connection_get(14): got connid=1043
connection_read(14): checking for input on id=1043
daemon: epoll: listen=9 active_threads=0 tvp=zero
op tag 0x77, time 1569336140
conn=1043 op=1 do_extended
daemon: activity on 1 descriptor
conn=1043 op=1 EXT oid=1.3.6.1.4.1.4203.1.11.1
daemon: activity on:
do_extended: oid=1.3.6.1.4.1.4203.1.11.1
3.1.11.1
conn=1043 op=1 PASSMOD old new
daemon: epoll: listen=7 active_threads=0 tvp=zero
=> mdb_entry_get: ndn: "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com"
daemon: epoll: listen=8 active_threads=0 tvp=zero
=> mdb_entry_get: oc: "(null)", at: "userPassword"
daemon: epoll: listen=9 active_threads=0 tvp=zero
mdb_dn2entry("mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com")
=> mdb_dn2id("mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com")
<= mdb_dn2id: got id=0x2cc
=> mdb_entry_decode:
<= mdb_entry_decode
=> mdb_entry_get: found entry: "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com"
mdb_entry_get: rc=0
=> access_allowed: result not in cache (userPassword)
=> access_allowed: auth access to "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" "userPassword" requested
=> acl_get: [1] attr userPassword
=> acl_mask: access to entry "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com", attr "userPassword" requested
=> acl_mask: to value by "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com", (=0)
<= check a_dn_pat: anonymous
<= check a_dn_pat: self
<= acl_mask: [2] applying write(=wrscxd) (stop)
<= acl_mask: [2] mask: write(=wrscxd)
=> slap_access_allowed: auth access granted by write(=wrscxd)
=> access_allowed: auth access granted by write(=wrscxd)
mdb_modify: mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com
slap_queue_csn: queueing 0x7f9d58126110 20190924144220.960337Z#000000#000#000000
mdb_dn2entry("mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com")
=> mdb_dn2id("mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com")
<= mdb_dn2id: got id=0x2cc
=> mdb_entry_decode:
<= mdb_entry_decode
mdb_modify_internal: 0x000002cc: mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com
=> access_allowed: result not in cache (userPassword)
=> access_allowed: delete access to "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" "userPassword" requested
=> acl_get: [1] attr userPassword
=> acl_mask: access to entry "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com", attr "userPassword" requested
=> acl_mask: to all values by "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com", (=0)
<= check a_dn_pat: anonymous
<= check a_dn_pat: self
<= acl_mask: [2] applying write(=wrscxd) (stop)
<= acl_mask: [2] mask: write(=wrscxd)
=> slap_access_allowed: delete access granted by write(=wrscxd)
=> access_allowed: delete access granted by write(=wrscxd)
=> access_allowed: result not in cache (userPassword)
=> access_allowed: add access to "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" "userPassword" requested
=> acl_get: [1] attr userPassword
=> acl_mask: access to entry "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com", attr "userPassword" requested
=> acl_mask: to value by "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com", (=0)
<= check a_dn_pat: anonymous
<= check a_dn_pat: self
<= acl_mask: [2] applying write(=wrscxd) (stop)
<= acl_mask: [2] mask: write(=wrscxd)
=> slap_access_allowed: add access granted by write(=wrscxd)
=> access_allowed: add access granted by write(=wrscxd)
acl: internal mod entryCSN: modify access granted
acl: internal mod modifiersName: modify access granted
acl: internal mod modifyTimestamp: modify access granted
mdb_modify_internal: replace userPassword
mdb_modify_internal: replace entryCSN
mdb_modify_internal: replace modifiersName
mdb_modify_internal: replace modifyTimestamp
oc_check_required entry (mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com), objectClass "inetOrgPerson"
oc_check_required entry (mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com), objectClass "mailUser"
oc_check_required entry (mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com), objectClass "shadowAccount"
oc_check_required entry (mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com), objectClass "amavisAccount"
oc_check_required entry (mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com), objectClass "posixAccount"
oc_check_required entry (mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com), objectClass "sambaSamAccount"
oc_check_allowed type "loginShell"
oc_check_allowed type "preferredLanguage"
oc_check_allowed type "sn"
oc_check_allowed type "mail"
oc_check_allowed type "sambaPasswordHistory"
oc_check_allowed type "sambaPrimaryGroupSID"
oc_check_allowed type "objectClass"
oc_check_allowed type "storageBaseDirectory"
oc_check_allowed type "enabledService"
oc_check_allowed type "accountSetting"
oc_check_allowed type "amavisLocal"
oc_check_allowed type "o"
oc_check_allowed type "street"
oc_check_allowed type "postalCode"
oc_check_allowed type "st"
oc_check_allowed type "l"
oc_check_allowed type "sambaDomainName"
oc_check_allowed type "accountStatus"
oc_check_allowed type "shadowLastChange"
oc_check_allowed type "mailHost"
oc_check_allowed type "cn"
oc_check_allowed type "displayName"
oc_check_allowed type "gidNumber"
oc_check_allowed type "givenName"
oc_check_allowed type "homeDirectory"
oc_check_allowed type "initials"
oc_check_allowed type "mailMessageStore"
oc_check_allowed type "sambaSID"
oc_check_allowed type "uid"
oc_check_allowed type "uidNumber"
oc_check_allowed type "structuralObjectClass"
oc_check_allowed type "entryUUID"
oc_check_allowed type "creatorsName"
oc_check_allowed type "createTimestamp"
oc_check_allowed type "shadowAddress"
oc_check_allowed type "mailQuota"
oc_check_allowed type "sambaPwdLastSet"
oc_check_allowed type "UNDEFINED"
oc_check_allowed type "sambaNTPassword"
oc_check_allowed type "sambaLMPassword"
oc_check_allowed type "userPassword"
oc_check_allowed type "entryCSN"
oc_check_allowed type "modifiersName"
oc_check_allowed type "modifyTimestamp"
mdb_idl_delete_keys: 2cc
mdb_idl_insert_keys: 2cc
=> mdb_entry_encode(0x000002cc): mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com
mdb_modify: id2entry update failed (17)
send_ldap_result: conn=1043 op=1 p=3
send_ldap_result: err=17 matched="" text="entry update failed"
slap_graduate_commit_csn: removing 0x7f9d58126110 20190924144220.960337Z#000000#000#000000
send_ldap_extended: err=17 oid= len=0
send_ldap_response: msgid=2 tag=120 err=17
conn=1043 op=1 RESULT oid= err=17 text=
daemon: activity on 1 descriptor
daemon: activity on:
14r
14r
daemon: read active on 14
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
daemon: epoll: listen=9 active_threads=0 tvp=zero
connection_get(14)
connection_get(14): got connid=1043
connection_read(14): checking for input on id=1043
op tag 0x42, time 1569336140
ber_get_next on fd 14 failed errno=0 (Success)
connection_read(14): input error=-2 id=1043, closing.
connection_closing: readying conn=1043 sd=14 for close
connection_close: deferring conn=1043 sd=14
conn=1043 op=2 do_unbind
conn=1043 op=2 UNBIND
connection_resched: attempting closing conn=1043 sd=14
connection_close: conn=1043 sd=14
daemon: removing 14
conn=1043 fd=14 closed
daemon: activity on 1 descriptor
daemon: activity on:
on:
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
daemon: epoll: listen=9 active_threads=0 tvp=zeroMy question is: How can I identify the undefined Attribute Type?
Thank you very much!
Best regards,
Armin
On my experimental OpenLDAP server version 2.4.44 on platform CentOS Linux release 7.6.1810 (Core) I experience an "Undefined attribute type (17)" error trying to reset LDAP users' password by invoking
Code:ldappasswd -x -H ldap://localhost -D "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" -w 121110987654321 -a 121110987654321 -s 123456789101112It's the same trying to reset the users password by LDAPAdmin GUI.
It is clear that the error code 17 means (see: https://ldap.com/ldap-result-code-re...ttributeType):
Quote:
| undefinedAttributeType (17) Applicable operation types: add, modify The undefinedAttributeType result code indicates that the request attempted to provide one or more values for an attribute type that is not defined in the server schema. For an add request, it indicates that the provided entry included an attribute for which there is no corresponding attribute type definition in the schema. For a modify request, it indicates that a modification attempted to add one or more values, or to replace the entire set of values, for an attribute type that is not defined in the server schema. |
Code:daemon: activity on 1 descriptor
daemon: activity on:
on:
slap_listener_activate(9):
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
daemon: epoll: listen=9 busy
>>> slap_listener(ldap:///)
daemon: listen=9, new connection on 14
daemon: activity on 1 descriptor
daemon: activity on:
on:
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
daemon: epoll: listen=9 active_threads=0 tvp=zero
daemon: added 14r (active) listener=(nil)
conn=1043 fd=14 ACCEPT from IP=[::1]:55936 (IP=[::]:389)
daemon: activity on 2 descriptors
daemon: activity on:
14r
14r
daemon: read active on 14
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
daemon: epoll: listen=9 active_threads=0 tvp=zero
connection_get(14)
connection_get(14): got connid=1043
connection_read(14): checking for input on id=1043
op tag 0x60, time 1569336140
conn=1043 op=0 do_bind
daemon: activity on 1 descriptor
>>> dnPrettyNormal: <mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com>
daemon: activity on:
on:
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
daemon: epoll: listen=9 active_threads=0 tvp=zero
<<< dnPrettyNormal: <mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com>, <mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com>
conn=1043 op=0 BIND dn="mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" method=128
do_bind: version=3 dn="mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" method=128
==> mdb_bind: dn: mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com
mdb_dn2entry("mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com")
=> mdb_dn2id("mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com")
<= mdb_dn2id: got id=0x2cc
=> mdb_entry_decode:
<= mdb_entry_decode
=> access_allowed: result not in cache (userPassword)
=> access_allowed: auth access to "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" "userPassword" requested
=> acl_get: [1] attr userPassword
=> acl_mask: access to entry "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com", attr "userPassword" requested
=> acl_mask: to value by "", (=0)
<= check a_dn_pat: anonymous
<= acl_mask: [1] applying auth(=xd) (stop)
<= acl_mask: [1] mask: auth(=xd)
=> slap_access_allowed: auth access granted by auth(=xd)
=> access_allowed: auth access granted by auth(=xd)
conn=1043 op=0 BIND dn="mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" mech=SIMPLE ssf=0
do_bind: v3 bind: "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" to "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com"
send_ldap_result: conn=1043 op=0 p=3
send_ldap_result: err=0 matched="" text=""
send_ldap_response: msgid=1 tag=97 err=0
conn=1043 op=0 RESULT tag=97 err=0 text=
daemon: activity on 1 descriptor
daemon: activity on:
14r
14r
daemon: read active on 14
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
connection_get(14)
connection_get(14): got connid=1043
connection_read(14): checking for input on id=1043
daemon: epoll: listen=9 active_threads=0 tvp=zero
op tag 0x77, time 1569336140
conn=1043 op=1 do_extended
daemon: activity on 1 descriptor
conn=1043 op=1 EXT oid=1.3.6.1.4.1.4203.1.11.1
daemon: activity on:
do_extended: oid=1.3.6.1.4.1.4203.1.11.1
3.1.11.1
conn=1043 op=1 PASSMOD old new
daemon: epoll: listen=7 active_threads=0 tvp=zero
=> mdb_entry_get: ndn: "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com"
daemon: epoll: listen=8 active_threads=0 tvp=zero
=> mdb_entry_get: oc: "(null)", at: "userPassword"
daemon: epoll: listen=9 active_threads=0 tvp=zero
mdb_dn2entry("mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com")
=> mdb_dn2id("mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com")
<= mdb_dn2id: got id=0x2cc
=> mdb_entry_decode:
<= mdb_entry_decode
=> mdb_entry_get: found entry: "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com"
mdb_entry_get: rc=0
=> access_allowed: result not in cache (userPassword)
=> access_allowed: auth access to "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" "userPassword" requested
=> acl_get: [1] attr userPassword
=> acl_mask: access to entry "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com", attr "userPassword" requested
=> acl_mask: to value by "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com", (=0)
<= check a_dn_pat: anonymous
<= check a_dn_pat: self
<= acl_mask: [2] applying write(=wrscxd) (stop)
<= acl_mask: [2] mask: write(=wrscxd)
=> slap_access_allowed: auth access granted by write(=wrscxd)
=> access_allowed: auth access granted by write(=wrscxd)
mdb_modify: mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com
slap_queue_csn: queueing 0x7f9d58126110 20190924144220.960337Z#000000#000#000000
mdb_dn2entry("mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com")
=> mdb_dn2id("mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com")
<= mdb_dn2id: got id=0x2cc
=> mdb_entry_decode:
<= mdb_entry_decode
mdb_modify_internal: 0x000002cc: mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com
=> access_allowed: result not in cache (userPassword)
=> access_allowed: delete access to "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" "userPassword" requested
=> acl_get: [1] attr userPassword
=> acl_mask: access to entry "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com", attr "userPassword" requested
=> acl_mask: to all values by "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com", (=0)
<= check a_dn_pat: anonymous
<= check a_dn_pat: self
<= acl_mask: [2] applying write(=wrscxd) (stop)
<= acl_mask: [2] mask: write(=wrscxd)
=> slap_access_allowed: delete access granted by write(=wrscxd)
=> access_allowed: delete access granted by write(=wrscxd)
=> access_allowed: result not in cache (userPassword)
=> access_allowed: add access to "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" "userPassword" requested
=> acl_get: [1] attr userPassword
=> acl_mask: access to entry "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com", attr "userPassword" requested
=> acl_mask: to value by "mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com", (=0)
<= check a_dn_pat: anonymous
<= check a_dn_pat: self
<= acl_mask: [2] applying write(=wrscxd) (stop)
<= acl_mask: [2] mask: write(=wrscxd)
=> slap_access_allowed: add access granted by write(=wrscxd)
=> access_allowed: add access granted by write(=wrscxd)
acl: internal mod entryCSN: modify access granted
acl: internal mod modifiersName: modify access granted
acl: internal mod modifyTimestamp: modify access granted
mdb_modify_internal: replace userPassword
mdb_modify_internal: replace entryCSN
mdb_modify_internal: replace modifiersName
mdb_modify_internal: replace modifyTimestamp
oc_check_required entry (mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com), objectClass "inetOrgPerson"
oc_check_required entry (mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com), objectClass "mailUser"
oc_check_required entry (mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com), objectClass "shadowAccount"
oc_check_required entry (mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com), objectClass "amavisAccount"
oc_check_required entry (mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com), objectClass "posixAccount"
oc_check_required entry (mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com), objectClass "sambaSamAccount"
oc_check_allowed type "loginShell"
oc_check_allowed type "preferredLanguage"
oc_check_allowed type "sn"
oc_check_allowed type "mail"
oc_check_allowed type "sambaPasswordHistory"
oc_check_allowed type "sambaPrimaryGroupSID"
oc_check_allowed type "objectClass"
oc_check_allowed type "storageBaseDirectory"
oc_check_allowed type "enabledService"
oc_check_allowed type "accountSetting"
oc_check_allowed type "amavisLocal"
oc_check_allowed type "o"
oc_check_allowed type "street"
oc_check_allowed type "postalCode"
oc_check_allowed type "st"
oc_check_allowed type "l"
oc_check_allowed type "sambaDomainName"
oc_check_allowed type "accountStatus"
oc_check_allowed type "shadowLastChange"
oc_check_allowed type "mailHost"
oc_check_allowed type "cn"
oc_check_allowed type "displayName"
oc_check_allowed type "gidNumber"
oc_check_allowed type "givenName"
oc_check_allowed type "homeDirectory"
oc_check_allowed type "initials"
oc_check_allowed type "mailMessageStore"
oc_check_allowed type "sambaSID"
oc_check_allowed type "uid"
oc_check_allowed type "uidNumber"
oc_check_allowed type "structuralObjectClass"
oc_check_allowed type "entryUUID"
oc_check_allowed type "creatorsName"
oc_check_allowed type "createTimestamp"
oc_check_allowed type "shadowAddress"
oc_check_allowed type "mailQuota"
oc_check_allowed type "sambaPwdLastSet"
oc_check_allowed type "UNDEFINED"
oc_check_allowed type "sambaNTPassword"
oc_check_allowed type "sambaLMPassword"
oc_check_allowed type "userPassword"
oc_check_allowed type "entryCSN"
oc_check_allowed type "modifiersName"
oc_check_allowed type "modifyTimestamp"
mdb_idl_delete_keys: 2cc
mdb_idl_insert_keys: 2cc
=> mdb_entry_encode(0x000002cc): mail=test.user1@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com
mdb_modify: id2entry update failed (17)
send_ldap_result: conn=1043 op=1 p=3
send_ldap_result: err=17 matched="" text="entry update failed"
slap_graduate_commit_csn: removing 0x7f9d58126110 20190924144220.960337Z#000000#000#000000
send_ldap_extended: err=17 oid= len=0
send_ldap_response: msgid=2 tag=120 err=17
conn=1043 op=1 RESULT oid= err=17 text=
daemon: activity on 1 descriptor
daemon: activity on:
14r
14r
daemon: read active on 14
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
daemon: epoll: listen=9 active_threads=0 tvp=zero
connection_get(14)
connection_get(14): got connid=1043
connection_read(14): checking for input on id=1043
op tag 0x42, time 1569336140
ber_get_next on fd 14 failed errno=0 (Success)
connection_read(14): input error=-2 id=1043, closing.
connection_closing: readying conn=1043 sd=14 for close
connection_close: deferring conn=1043 sd=14
conn=1043 op=2 do_unbind
conn=1043 op=2 UNBIND
connection_resched: attempting closing conn=1043 sd=14
connection_close: conn=1043 sd=14
daemon: removing 14
conn=1043 fd=14 closed
daemon: activity on 1 descriptor
daemon: activity on:
on:
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
daemon: epoll: listen=9 active_threads=0 tvp=zeroMy question is: How can I identify the undefined Attribute Type?
Thank you very much!
Best regards,
Armin