Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-2738

DN validation fails when RDN uses a custom attribute



    • Type: Bug
    • Status: Done
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.0.0
    • Fix Version/s: 3.5.0, 4.0.0
    • Component/s: core server
    • Environment:
      java version "1.7.0_79"
      Java(TM) SE Runtime Environment (build 1.7.0_79-b15)
      Java HotSpot(TM) 64-Bit Server VM (build 24.79-b02, mixed mode)

      CentOS release 6.7 (Final)


      I use the following simple custom schema in OpenDJ 3:

      dn: cn=schema
      objectClass: top
      objectClass: ldapSubentry
      objectClass: subschema
      cn: schema
      attributeTypes: ( NAME 'orgOID'  EQUALITY ORDERING SUBSTR SYNTAX USAGE userApplications X-APPROX '' )
      attributeTypes: ( NAME 'associateoid'  EQUALITY ORDERING SUBSTR SYNTAX USAGE userApplications X-APPROX '' )
      objectClasses: ( Customerorganization-oid NAME 'Customerorganization'  SUP ( ) STRUCTURAL MUST ( ))
      objectClasses: ( Customerassociate-oid NAME 'Customerassociate'  SUP ( 2.16.840.1.113730.3.2.2 ) STRUCTURAL MUST ( ) MAY ( ))

      I'm able to create users such as the one shown below:

      dn: associateoid=test,orgOID=FR200511241553638,ou=clients,o=customer
      changetype: add
      objectClass: Customerassociate
      objectClass: inetOrgPerson
      objectClass: organizationalPerson
      objectClass: person
      objectClass: top
      sn: test
      cn: test
      associateoid: test

      However, when I try to add such a user to a groupOfEntries entry, it fails with the error below:

      dn: cn=wsit,ou=services,o=customer
      changetype: modify
      add: member
      member: associateoid=test,orgOID=FR200511241553638,ou=clients,o=customer
      #!ERROR [LDAP: error code 21 - When attempting to modify entry cn=wsit,ou=services,o=customer to add one or more values for attribute member, value "associateoid=test,orgOID=FR200511241553638,ou=clients,o=customer" was found to be invalid according to the associated syntax: The DN "associateoid=test,orgOID=FR200511241553638,ou=clients,o=customer" could not be parsed due to the following reason: No attribute type with name or OID "associateoid" exists in the schema]

      Obviously, the associateoid attribute exists in the schema so the new member should be accepted.

      Currently, the workaround is to change the OpenDJ configuration to relax the schema:

      dsconfig set-global-configuration-prop --set invalid-attribute-syntax-behavior:warn --no-prompt


          Issue Links



              JnRouvignac Jean-Noël Rouvignac
              cgrosjean Cyril Grosjean
              QA Assignee:
              Ondrej Fuchsik Ondrej Fuchsik
              0 Vote for this issue
              5 Start watching this issue