Type: Bug
Status: Dev backlog
Priority: Major
Resolution: Unresolved
Affects Version/s: 5.5.3, 6.5.3, 7.0.0, 7.0.1
Fix Version/s: None
Labels: None
Environment: DS_5.5.3-1_all.deb, DS_6.5.3-1_all.deb and DS_7.0.0-M2020-10.3-1_all.deb, opendj-deb-7.0.1-RC2.deb and opendj-rpm-7.0.1-RC2.rpm
Not sure if I understood correctly from the Slack conversation: if we use a baseDn with unknown attributes like 'ds', then it should fail.
Steps to reproduce (v. 7.0.0):
- Download and install DS
dpkg -i DS_7.0.0-M2020-10.3-1_all.deb
- Set up DS with the ds-user-data profile and set the profile baseDn to 'ds=example,dc=com', then start DS
./opendj/setup --serverId first-ds --deploymentKeyPassword password --rootUserDn uid=admin --rootUserPassword password --monitorUserPassword password --hostname localhost --ldapPort 1389 --ldapsPort 1636 --httpsPort 8443 --adminConnectorPort 4444 --profile ds-user-data --set ds-user-data/baseDn:ds=example,dc=com --acceptLicense
...
Validating parameters..... Done
Configuring certificates....... Done
Store the following deployment key in a safe place and re-use it when configuring other servers in the topology:
XYZ
Configuring server..... Done
Configuring profile DS user data store....... Done
To see basic server status and configuration, you can launch /opt/opendj/bin/status
- Try ldapsearch
./opendj/bin/ldapsearch -h localhost -p 1636 --useSsl -X -D uid=admin -w password -b "ds=example,dc=com" "(&)" dn
dn: ds=example,dc=com
The second strange thing is that when we set up an old version with this invalid baseDn, the data disappears after the upgrade to version 7.0.0.
Steps to reproduce (from 5.5.3 to 7.0.0)
- Download and install DS 5.5.3
dpkg -i DS_5.5.3-1_all.deb
- Set up DS with sampleData
./opendj/setup --rootUserDn uid=admin --rootUserPassword password --hostname localhost --ldapPort 1389 --enableStartTls --ldapsPort 1636 --httpsPort 8443 --adminConnectorPort 4444 --baseDn ds=example,dc=com --sampleData 200 --acceptLicense
Validating parameters..... Done
Configuring certificates.....WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by org.opends.server.util.Platform$PlatformIMPL (file:/opt/opendj/lib/opendj.jar) to constructor sun.security.tools.keytool.CertAndKeyGen(java.lang.String,java.lang.String)
WARNING: Please consider reporting this to the maintainers of org.opends.server.util.Platform$PlatformIMPL
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
Done
Configuring server..... Done
Importing automatically-generated data (200 entries)....... Done
Starting directory server............ Done
To see basic server status and configuration, you can launch /opt/opendj/bin/status
- Run ldapsearch
./opendj/bin/ldapsearch -h localhost -p 1389 -D uid=admin -w password -b "ds=example,dc=com" "(&)" dn
dn: ds=example,dc=com
dn: ou=People,ds=example,dc=com
dn: uid=user.0,ou=People,ds=example,dc=com
...
- Upgrade DS to 7.0.0 version
sudo dpkg -i DS_7.0.0-M2020-10.3-1_all.deb
- Check that DS was updated
- Run the same ldapsearch (or the same but changed to the ldaps port + useSsl option)
./opendj/bin/ldapsearch -h localhost -p 1389 -D uid=admin -w password -b "ds=example,dc=com" "(&)" dn
# The LDAP search request failed: 32 (No Such Entry)
# Additional Information: The search base entry 'ds=example,dc=com' does not exist
It looks strange that DS accepts this baseDN during setup, but during upgrade the data with this baseDn disappears.
Note: It does not happen only with 'ds=example,dc=com'; I tried more invalid values, like 'dcou=com', with the same result.
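
The report's premise is that a base DN whose RDN attribute types are not defined in the schema should be rejected. The following is an added example (not from the report or the DS code base) of a check an administrator could run over configured base DNs before an upgrade; the function names and the KNOWN_ATTRIBUTE_TYPES sample set are assumptions, and a real check would load the attribute names from the server's own schema.

```python
# Added example: flag base DNs whose RDN attribute types are not in the schema.
# KNOWN_ATTRIBUTE_TYPES is a constructed sample, not the DS schema; in practice
# it would be filled from the server's own schema export.
KNOWN_ATTRIBUTE_TYPES = {"dc", "o", "ou", "cn", "uid", "c", "l", "st"}


def split_unescaped(text, sep):
    """Split text on sep, ignoring separators escaped with a backslash."""
    parts, current, escaped = [], [], False
    for ch in text:
        if escaped:
            current.append(ch)
            escaped = False
        elif ch == "\\":
            current.append(ch)
            escaped = True
        elif ch == sep:
            parts.append("".join(current))
            current = []
        else:
            current.append(ch)
    parts.append("".join(current))
    return parts


def unknown_rdn_types(base_dn, known=KNOWN_ATTRIBUTE_TYPES):
    """Return the RDN attribute types of base_dn that are not in `known`."""
    known_lower = {name.lower() for name in known}
    unknown = []
    for rdn in split_unescaped(base_dn, ","):
        for ava in split_unescaped(rdn, "+"):  # multi-valued RDN: a=1+b=2
            attr_type, sep, _value = ava.partition("=")
            attr_type = attr_type.strip()
            if not sep or not attr_type:
                raise ValueError(f"malformed RDN component: {ava!r}")
            # Attribute type names are case-insensitive in LDAP.
            if attr_type.lower() not in known_lower:
                unknown.append(attr_type)
    return unknown


if __name__ == "__main__":
    # Base DNs taken from the report, plus one valid DN for comparison.
    for dn in ("dc=example,dc=com", "ds=example,dc=com", "dcou=com"):
        print(dn, "->", unknown_rdn_types(dn) or "ok")
```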