[turba] Problem with Turba and LDAP addressbook

Paul-Erik Törrönen paul-erik.torronen at cardinal.fi
Thu Nov 3 23:43:36 PST 2005


On Thu, 2005-11-03 at 14:21 +0200, Paul-Erik Törrönen wrote:
> access to dn.regex="^ou=(.+),ou=personal_addressbook,dc=our,dc=domain$$"
>         by dn.regex="^uid=$1,ou=Users,dc=our,dc=domain$$" write
>         by * none

Ok, as Murray Trainer and Adam T Williams pointed out, the regex is at
fault here: the dn does not begin with the 'uid', so I removed the ^ as
well as the trailing $$. However, I now get the following error message:

 There was an error adding the new contact. Contact your system
administrator for further help.Failed to add an object: [32] "No such
object" DN:
cn=Jarkko,uid=20051103152713.5ost2ejj20w0 at groupware.our.domain,ou=poltsi,ou=personal_addressbook,dc=our,dc=domain (attributes:

And as I finally found out how to get some OpenLDAP debug information
(for some reason it doesn't seem to heed the 'loglevel 4095' parameter
in slapd.conf), running it manually reveals the following:

conn=0 op=0 BIND dn="uid=poltsi,ou=Users,dc=our,dc=domain" mech=SIMPLE ssf=0
conn=0 op=0 RESULT tag=97 err=0 text=
conn=0 op=1 ADD dn="cn=Jarkko,uid=20051103152713.5ost2ejj20w0 at groupware.our.domain,ou=poltsi,ou=personal_addressbook,dc=our,dc=domain"
=> access_allowed: write access to "cn=Jarkko,uid=20051103152713.5ost2ejj20w0 at groupware.our.domain,ou=poltsi,ou=personal_addressbook,dc=our,dc=domain" "entry" requested
=> dnpat: [2] ou=(.+),ou=personal_addressbook,dc=our,dc=domain nsub: 1
=> acl_get: [2] matched
=> acl_get: [2] attr entry
=> match[0]: 70 130 ou=poltsi,ou=personal_addressbook,dc=our,dc=domain
=> match[1]: 73 79 poltsi
=> acl_mask: access to entry "cn=Jarkko,uid=20051103152713.5ost2ejj20w0 at groupware.our.domain,ou=poltsi,ou=personal_addressbook,dc=our,dc=domain", attr "entry" requested
=> acl_mask: to all values by "uid=poltsi,ou=users,dc=our,dc=domain", (=n) 
<= check a_dn_pat: uid=$1,ou=Users,dc=our,dc=domain
<= acl_mask: [1] applying write(=wrscx) (stop)
<= acl_mask: [1] mask: write(=wrscx)
=> access_allowed: write access granted by write(=wrscx)
conn=0 op=1 RESULT tag=105 err=32 text=parent does not exist
conn=0 op=2 UNBIND
conn=0 fd=8 closed

As many may have noticed, I'm not that proficient with LDAP yet, but
I've made an additional discovery which may be significant. When
searching the LDAP tree manually, I found that
'ou=poltsi,ou=personal_addressbook,dc=our,dc=domain' cannot be found
with the command 'ldapsearch -LLL -x -u -t "(ou=poltsi)"'. However, the
command 'ldapsearch -LLL -x -u -t "(ou=personal_addressbook)"' does
return the appropriate data. Looking through the LDIF dump of the full
tree, the relevant definitions do exist, like so:

dn: ou=personal_addressbook,dc=our,dc=domain
ou: personal_addressbook
objectClass: top
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: 0a3d895e-dfea-1029-94d6-9d112aa3f676
creatorsName: cn=Manager,dc=our,dc=domain
createTimestamp: 20051102124340Z
entryCSN: 20051102124340Z#000001#00#000000
modifiersName: cn=Manager,dc=our,dc=domain
modifyTimestamp: 20051102124340Z

dn: ou=poltsi,ou=personal_addressbook,dc=our,dc=domain
ou: poltsi
objectClass: top
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: 327b7976-dfef-1029-87a6-f017253522e0
creatorsName: cn=Manager,dc=our,dc=domain
createTimestamp: 20051102132035Z
entryCSN: 20051102132035Z#000001#00#000000
modifiersName: cn=Manager,dc=our,dc=domain
modifyTimestamp: 20051102132035Z

Is this correct?

TIA,

Poltsi
-- 
Paul-Erik Törrönen, 
Cardinal Information Systems Ltd.
Pursimiehenkatu 29-31 C
00150 Helsinki, Finland
Mobile: +358 (0)40 703 1231
Phone: +358 (0)424 792 204
Fax: +358 (0)424 792 207
http://www.cardinal.fi/
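
The debug log in the message above shows two independent checks: the ACL rule grants write, and the ADD still ends with err=32 "parent does not exist". As an added example that is not part of the original post, this Python sketch models that one ACL rule and the parent check against the two entries from the LDIF excerpt. The function names are hypothetical, the suffix entry is assumed to exist, only this single rule is considered, and DN parsing is simplified.

```python
import re

SUFFIX = "dc=our,dc=domain"
# "to" pattern from the post, as first written (anchored) and as edited (unanchored).
ANCHORED = r"^ou=(.+),ou=personal_addressbook,dc=our,dc=domain$"
UNANCHORED = r"ou=(.+),ou=personal_addressbook,dc=our,dc=domain"
BY_PATTERN = "uid=$1,ou=Users,dc=our,dc=domain"

BIND_DN = "uid=poltsi,ou=Users,dc=our,dc=domain"
TARGET_DN = ("cn=Jarkko,uid=20051103152713.5ost2ejj20w0 at groupware.our.domain,"
             "ou=poltsi,ou=personal_addressbook,dc=our,dc=domain")
# The two entries shown in the LDIF excerpt, plus the suffix entry (assumed to exist).
TREE = {SUFFIX,
        "ou=personal_addressbook,dc=our,dc=domain",
        "ou=poltsi,ou=personal_addressbook,dc=our,dc=domain"}

def norm(dn):
    """Simplified DN normalisation: lowercase, trim each RDN (no escaped commas handled)."""
    return ",".join(rdn.strip() for rdn in dn.lower().split(","))

def acl_grants_write(to_regex, target_dn, bind_dn):
    """Match the target DN, substitute $1 into the 'by' pattern, compare with the binder.
    The 'by' comparison is simplified to exact equality of normalised DNs."""
    m = re.search(to_regex, norm(target_dn))
    return bool(m) and norm(BY_PATTERN.replace("$1", m.group(1))) == norm(bind_dn)

def missing_ancestors(target_dn, tree):
    """Ancestors of target_dn under SUFFIX that are absent from tree, topmost first."""
    rdns = norm(target_dn).split(",")
    existing = {norm(dn) for dn in tree}
    parents = [",".join(rdns[i:]) for i in range(len(rdns) - 1, 0, -1)]
    return [p for p in parents
            if (p == SUFFIX or p.endswith("," + SUFFIX)) and p not in existing]

def simulate_add(to_regex, target_dn, bind_dn, tree):
    """LDAP result code for an ADD, checks in the order the debug log shows them:
    50 = insufficientAccess, 32 = noSuchObject (parent missing), 0 = success."""
    if not acl_grants_write(to_regex, target_dn, bind_dn):
        return 50
    return 32 if missing_ancestors(target_dn, tree) else 0

if __name__ == "__main__":
    for name, rx in (("anchored", ANCHORED), ("unanchored", UNANCHORED)):
        print(name, "->", simulate_add(rx, TARGET_DN, BIND_DN, TREE))
    print("create first:", missing_ancestors(TARGET_DN, TREE))
```

The list returned by `missing_ancestors` is ordered topmost first, which is the order in which the entries would have to be created before the contact can be added.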


