kmaule Absent Member.
Absent Member.
254 views

eDirectory biDirectional LDAP schema issue on startup


Hi there,
Seems to be a schema conflict issue when we startup a new eDirectory
bi-directional driver.
Any thoughts on remediation are most welcome!

Below is the LDAP trace of the target eDirectory server that is running
the driver shim.

==
> 09:04:22 New TLS connection 0x22555ef0 from 10.30.233.129:53874, monitor
> = 0x1608, index = 2
> 09:04:22 Monitor 0x1608 initiating TLS handshake on connection
> 0x22555ef0
> 09:04:22 DoTLSHandshake on connection 0x22555ef0
> 09:04:22 BIO ctrl called with unknown cmd 7
> 09:04:22 Completed TLS handshake on connection 0x22555ef0
> 09:04:22 DoBind on connection 0x22555ef0
> 09:04:22 Bind name:cn=IDM_ADMIN_PROXY,o=HXXX, version:3,
> authentication:simple
> 09:04:22 Sending operation result 0:"":"" to connection 0x22555ef0
> 09:04:22 DoSearch on connection 0x22555ef0
> 09:04:22 Search request:
> base: ""
> scope:0 dereference:0 sizelimit:0 timelimit:0 attrsonly:0
> filter: "(objectclass=*)"
> attribute: "subschemasubentry"
> attribute: "2.5.18.10"
> 09:04:22 Unsupported or duplicate attribute: "2.5.18.10"
> 09:04:22 Sending search result entry "" to connection 0x22555ef0
> 09:04:22 Sending operation result 0:"":"" to connection 0x22555ef0
> 09:04:22 DoSearch on connection 0x22555ef0
> 09:04:22 Search request:
> base: "cn=schema"
> scope:0 dereference:0 sizelimit:0 timelimit:0 attrsonly:0
> filter: "(objectclass=*)"
> attribute: "objectclasses"
> attribute: "2.5.21.6"
> attribute: "attributetypes"
> attribute: "2.5.21.5"
> 09:04:22 Ignored duplicate LDAP attr "bRDSRVSAlertBitMask" for NDS attr
> "BRDSRVS:Alert Bit Mask" as it conflicts with existing LDAP attr
> "bRDSRVSAlertBitMask" for NDS attr "BRDSRVS: Alert Bit Mask"
> 09:04:22 Ignored duplicate LDAP attr "bRDSRVSAlertBitMask" for NDS attr
> "BRDSRVS:Alert Bit Mask" as it conflicts with existing LDAP attr
> "bRDSRVSAlertBitMask" for NDS attr "BRDSRVS: Alert Bit Mask"
> 09:04:22 Ignored duplicate LDAP attr "bRDSRVSAlertBitMask" for NDS attr
> "BRDSRVS:Alert Bit Mask" as it conflicts with existing LDAP attr
> "bRDSRVSAlertBitMask" for NDS attr "BRDSRVS: Alert Bit Mask"
> 09:04:22 Unsupported or duplicate attribute: "2.5.21.6"
> 09:04:22 Unsupported or duplicate attribute: "2.5.21.5"
> 09:04:22 Sending search result entry "cn=schema" to connection
> 0x22555ef0
> 09:04:22 Sending operation result 0:"":"" to connection 0x22555ef0
> 09:04:24 DoSearch on connection 0x22555ef0
> 09:04:24 Search request:
> base: ""
> scope:0 dereference:0 sizelimit:0 timelimit:0 attrsonly:0
> filter: "(objectclass=*)"
> attribute: "namingContexts"
> attribute: "subschemasubentry"
> attribute: "supportedExtension"
> 09:04:24 Sending search result entry "" to connection 0x22555ef0
> 09:04:24 Sending operation result 0:"":"" to connection 0x22555ef0



--
kmaule
------------------------------------------------------------------------
kmaule's Profile: https://forums.netiq.com/member.php?userid=306
View this thread: https://forums.netiq.com/showthread.php?t=55174

Labels (1)
0 Likes
2 Replies
Knowledge Partner
Knowledge Partner

Re: eDirectory biDirectional LDAP schema issue on startup


> 09:04:22 Ignored duplicate LDAP attr "bRDSRVSAlertBitMask" for NDS attr
> "BRDSRVS:Alert Bit Mask" as it conflicts with existing LDAP attr
> "bRDSRVSAlertBitMask" for NDS attr "BRDSRVS: Alert Bit Mask"

Hi kmaule,
Do you have 2 attributes with "same" NDS attr name? (Difference only
"space" in the name, *BRDSRVS:Alert Bit Mask* and *BRDSRVS: Alert Bit
Mask*).
LDAP attribute name (by default) just "trim" space and special
characters and as result you have "same" LDAP attr name for 2 NDS
attributes.

Alex


--
If you find this post helpful, please show your appreciation by clicking
on the star below :cool:
------------------------------------------------------------------------
al_b's Profile: https://forums.netiq.com/member.php?userid=209
View this thread: https://forums.netiq.com/showthread.php?t=55174

0 Likes
Highlighted
kmaule Absent Member.
Absent Member.

Re: eDirectory biDirectional LDAP schema issue on startup


Well after messing around with manual LDAP attribute mappings and a few
eDir restarts, it didn't change anything. Noticed that my target server
was not in the iMonitor "Server Schema Source List". Bit strange.
Tried the shim on a different server and it worked! Not a fix, but a
work around. Waiting to hear from NTS on this.


--
kmaule
------------------------------------------------------------------------
kmaule's Profile: https://forums.netiq.com/member.php?userid=306
View this thread: https://forums.netiq.com/showthread.php?t=55174

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.