[389-users] help with 'no such attribute' error?
brandon
bjg at solv.com
Wed Nov 2 22:27:31 UTC 2011
On 11/02/2011 03:56 PM, Rich Megginson wrote:
> On 11/02/2011 03:49 PM, brandon wrote:
>> So I'm hoping somebody can assist with a confusing problem I am having.
>>
>> I am running 389-ds-1.2.1-1.
>
> What platform? What version of 389-ds-base?
Redhat Server 5.7; kernel 2.6.18-274.3.1.el5
389-ds-base-1.2.9.9-1
> Start with the access log. This will tell you your bind identity and
> the operations invoked by the client. It won't give the exact modify
> arguments for modify operations - use the errorlog level 4 (ARGS) for
> that - see http://directory.fedoraproject.org/wiki/FAQ#Troubleshooting
> (4 Heavy trace output debugging).
My biggest difficulty with the access log is the noise (today alone is
500M of logs).
A very nice feature (tangent) would be to be able to qualify logs by
object and a unique tag, along with log level. So you could say any log
regarding this object/node should be tagged with 'Special Call out' and
runs at a higher log level (if not into an alternate file).
I will look into higher level debugging, to see if I can digup more
info. The log info so far:
[02/Nov/2011:18:58:39 +0000] conn=74 fd=69 slot=69 SSL connection from
55.55.55.10 to 55.55.55.10
[02/Nov/2011:18:58:39 +0000] conn=74 SSL 256-bit AES
[02/Nov/2011:18:58:39 +0000] conn=74 op=0 BIND
dn="uid=GIR.Interface,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot"
method=128 version=3
[02/Nov/2011:18:58:39 +0000] conn=74 op=0 RESULT err=0 tag=97 nentries=0
etime=0
dn="uid=gir.interface,ou=administrators,ou=topologymanagement,o=netscaperoot"
[02/Nov/2011:18:58:39 +0000] conn=74 op=1 SRCH base="ou=Special
Users,dc=alt" scope=2 filter="(&(uid=test)(objectClass=posixAccount))"
attrs=ALL
[02/Nov/2011:18:58:39 +0000] conn=74 op=1 RESULT err=0 tag=101
nentries=1 etime=0
[02/Nov/2011:18:58:39 +0000] conn=74 op=2 MOD dn="uid=test,ou=Special
Users,dc=alt"
[02/Nov/2011:18:58:39 +0000] conn=74 op=2 RESULT err=16 tag=103
nentries=0 etime=0 csn=4eb192df0000000a0000
[02/Nov/2011:18:58:39 +0000] conn=74 op=3 MOD dn="uid=test,ou=Special
Users,dc=alt"
[02/Nov/2011:18:58:39 +0000] conn=74 op=3 RESULT err=16 tag=103
nentries=0 etime=0 csn=4eb192df0001000a0000
[02/Nov/2011:18:58:39 +0000] conn=74 op=4 MOD dn="uid=test,ou=Special
Users,dc=alt"
[02/Nov/2011:18:58:39 +0000] conn=74 op=4 RESULT err=16 tag=103
nentries=0 etime=0 csn=4eb192df0002000a0000
[02/Nov/2011:18:58:39 +0000] conn=74 op=5 UNBIND
[02/Nov/2011:18:58:39 +0000] conn=74 op=5 fd=69 closed - U1
There are three modifications that happen at this time, around setting
the password, allowed change time, etc.
Is there a document somewhere which helps decipher some of these codes?
what is a csn? etc...
The objectClasses on the object in both sides of the tree are identical
(at least last I checked), so the inheritance of parameters should be
the same (and I can set these attributes with ldapmodify). I will
review/verify again tomorrow.
What is the definition of no such attribute, in the context of a
modify? If the attribute is allowed on the class, but is not defined on
the object, should it just set it anyway?
>
> If all else fails, you could use wireshark/tcpdump to inspect the
packets received and sent by the directory server.
>
Unfortunately, it is all encrypted.
Thanks guys, I do help the assist.
-Brandon
More information about the 389-users
mailing list