Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-3488

Removing an Auxiliary Objectclass from a user in a replicated topology not applied on the remote server

    Details

    • Support Ticket IDs:

      Description

      Removing an Auxiliary Objectclass from a user in a replicated topology is not applied on the remote server. The operation is replicated Master2, it is however not applied to Master2's backend.

      1. Add an aux class to an entry on Master 1
      2. Remove the same aux class on the entry from Master 1.

      The following audit log is form Master 2.

      Add "objectClass: userSecurityInformation" to the entry.

      # 14/Nov/2016:12:48:14 -0700; conn=-1; op=78
      dn: uid=user.0,ou=People,dc=example,dc=com
      changetype: modify
      add: objectClass
      objectClass: userSecurityInformation
      -
      replace: modifiersName
      modifiersName: cn=Directory Manager,cn=Root DNs,cn=config
      -
      replace: modifyTimestamp
      modifyTimestamp: 20161114194814Z
      -
      replace: ds-sync-hist
      ds-sync-hist: objectClass:000001586462035e350f00000001:add:userSecurityInformation
      ds-sync-hist: modifiersName:000001586462035e350f00000001:repl:cn=Directory Manager,cn=Root DNs,cn=config
      ds-sync-hist: modifyTimestamp:000001586462035e350f00000001:repl:20161114194814Z
      

      The delete of "objectClass: userSecurityInformation" to the entry is replicated.

      # 14/Nov/2016:12:48:15 -0700; conn=-1; op=79
      dn: dc=example,dc=com
      changetype: modify
      replace: ds-sync-state
      ds-sync-state: 000001586462035e350f00000001
      
      # 14/Nov/2016:12:50:14 -0700; conn=-1; op=80
      dn: uid=user.0,ou=People,dc=example,dc=com
      changetype: modify
      replace: modifiersName
      modifiersName: cn=Directory Manager,cn=Root DNs,cn=config
      -
      replace: modifyTimestamp
      modifyTimestamp: 20161114195014Z
      -
      replace: ds-sync-hist
      ds-sync-hist: objectClass:000001586463d846350f00000002:del:userSecurityInformation
      ds-sync-hist: modifiersName:000001586463d846350f00000002:repl:cn=Directory Manager,cn=Root DNs,cn=config
      ds-sync-hist: modifyTimestamp:000001586463d846350f00000002:repl:20161114195014Z
      
      # 14/Nov/2016:12:50:15 -0700; conn=-1; op=81
      dn: dc=example,dc=com
      changetype: modify
      replace: ds-sync-state
      ds-sync-state: 000001586463d846350f00000002
      

      Search of user.0 after adding the class.

      opendj; bin/$ date; ./ldapsearch --bindDN "cn=Directory Manager" -j pass --hostname localhost --port 2389 -X --baseDN dc=example,dc=com uid=user.0 objectClass +
      Mon Nov 14 12:50:06 MST 2016
      dn: uid=user.0,ou=People,dc=example,dc=com
      objectClass: top
      objectClass: organizationalPerson
      objectClass: person
      objectClass: inetOrgPerson
      objectClass: userSecurityInformation
      modifyTimestamp: 20161114194814Z
      ds-sync-hist: objectClass:000001586462035e350f00000001:add:userSecurityInformati
       on
      ds-sync-hist: modifiersName:000001586462035e350f00000001:repl:cn=Directory Manag
       er,cn=Root DNs,cn=config
      ds-sync-hist: modifyTimestamp:000001586462035e350f00000001:repl:20161114194814Z
      modifiersName: cn=Directory Manager,cn=Root DNs,cn=config
      entryUUID: 0d3ce3bf-4107-3b34-9e5a-fa71deb8b504
      pwdPolicySubentry: cn=Default Password Policy,cn=Password Policies,cn=config
      subschemaSubentry: cn=schema
      hasSubordinates: false
      numSubordinates: 0
      etag: 00000000b293d888
      structuralObjectClass: inetOrgPerson
      entryDN: uid=user.0,ou=People,dc=example,dc=com
      

      Search of user.0 after deleting the class....userSecurityInformation is still there.

      opendj; bin/$ date; ./ldapsearch --bindDN "cn=Directory Manager" -j pass --hostname localhost --port 2389 -X --baseDN dc=example,dc=com uid=user.0 objectClass +
      Mon Nov 14 12:50:24 MST 2016
      dn: uid=user.0,ou=People,dc=example,dc=com
      objectClass: top
      objectClass: organizationalPerson
      objectClass: person
      objectClass: inetOrgPerson
      objectClass: userSecurityInformation
      modifyTimestamp: 20161114195014Z
      ds-sync-hist: objectClass:000001586463d846350f00000002:del:userSecurityInformati
       on
      ds-sync-hist: modifiersName:000001586463d846350f00000002:repl:cn=Directory Manag
       er,cn=Root DNs,cn=config
      ds-sync-hist: modifyTimestamp:000001586463d846350f00000002:repl:20161114195014Z
      modifiersName: cn=Directory Manager,cn=Root DNs,cn=config
      entryUUID: 0d3ce3bf-4107-3b34-9e5a-fa71deb8b504
      pwdPolicySubentry: cn=Default Password Policy,cn=Password Policies,cn=config
      subschemaSubentry: cn=schema
      hasSubordinates: false
      numSubordinates: 0
      etag: 00000000b278d881
      structuralObjectClass: inetOrgPerson
      entryDN: uid=user.0,ou=People,dc=example,dc=com
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                cjr Chris Ridd
                Reporter:
                lee.trujillo Lee Trujillo
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: