Hi all,

I have defined a DIT (LMDB) as follows:

dn: olcDatabase={3}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {3}mdb
olcDbDirectory: /var/lib/ldap/mycompany/o=mycompany
olcSuffix: o=mycompany
olcRootDN: uid=admin,ou=system
olcAccess: {0}to attrs=userPassword,shadowLastChange by
  dn="uid=admin,ou=system" write by anonymous auth by self write by * none
olcAccess: {1}to * by dn="uid=admin,ou=system" write by * none
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcSyncUseSubentry: FALSE
olcMonitoring: TRUE
olcDbEnvFlags: writemap
olcDbEnvFlags: nometasync
olcDbNoSync: FALSE
olcDbIndex: objectClass pres,eq
olcDbIndex: cn pres,eq,sub
olcDbIndex: uid pres,eq,sub
olcDbIndex: uidNumber pres,eq
olcDbIndex: gidNumber pres,eq
olcDbIndex: mail pres,eq,sub
olcDbIndex: ou pres,eq,sub
olcDbIndex: sn pres,eq,sub
olcDbIndex: givenName pres,eq,sub
olcDbIndex: loginShell pres,eq
olcDbIndex: memberUid pres,eq,sub
olcDbIndex: nisMapName pres,eq,sub
olcDbIndex: nisMapEntry pres,eq,sub
olcDbMaxReaders: 0
olcDbMaxSize: 4294967296
olcDbMode: 0600
olcDbSearchStack: 16

I can add the root entry as:

dn: o=mycompany
objectClass: organization
objectClass: top
o: mycompany

And I can also add and delete sub-entries under o=mycompany. But I cannot delete the root entry o=mycompany, even though there is no sub-entry below it.

Please note that the rootdn (uid=admin,ou=system) is not under the suffix (o=mycompany), which is why no rootPW is defined for this DIT. The rootDN and rootPW are defined in the second DIT (in BDB).

The weird thing was that I could search for it and find it:

ldapsearch -x -D uid=admin,ou=system -w XXXXXXXXX -H ldap://localhost:389 -b o=mycompany
# extended LDIF
# LDAPv3
# base <o=cornerbank> with scope subtree
# filter: (objectclass=*)
# requesting: ALL

# mycompany
dn: o=mycompany
o: mycompany
objectClass: organization
objectClass: top

# search result
search: 2
result: 0 Success

But it would fail if I tried to delete it:

$ ldapdelete -x -D uid=admin,ou=system -w XXXXXXXXX -H ldap://localhost:389 o=mycompany
ldap_delete: No such object (32)

In other words, I could import the whole DIT for o=mycompany, but could not delete the whole DIT (the root entry o=mycompany could not be deleted). Does somebody know how to solve this problem? Thanks!


Hongfu Huang, Senior System Integrator
M.Sc. Computer Science

AdNovum Informatik AG
Roentgenstrasse 22, 8005 Zurich, Switzerland
phone +41 44 272 6111, direct +41 44 270 5266
hongfu.hu...@adnovum.ch, www.adnovum.ch

Locations: Zurich (HQ), Bern, Lausanne, Budapest, Ho Chi Minh City, Singapore
