[389-users] Cannot delete domain

Christian Katterl christian at katterl.eu
Thu Mar 5 09:50:50 UTC 2015 

I tried a fresh install in a virtual machine.
In this virtual machine, version 1.2.11.30-1 was the initial version - 
so no update or older version has been used.

Even there, the problem persists.

BR, Christian


On 05.03.2015 10:47, German Parente wrote:
> ----- Original Message -----
>> From: "Christian Katterl" <christian at katterl.eu>
>> To: "General discussion list for the 389 Directory server project." 
>> <389-users at lists.fedoraproject.org>
>> Sent: Thursday, 5 March, 2015 10:23:13 AM
>> Subject: Re: [389-users] Cannot delete domain
>> 
>> Of course:
>> 
>> ldapsearch -D "cn=Directory Manager" -W -b 
>> "dc=test,dc=mydomain,dc=tld"
>> "(objectclass=*)" numsubordinates
>> 
>> # extended LDIF
>> #
>> # LDAPv3
>> # base <dc=test,dc=mydomain,dc=tld> with scope subtree
>> # filter: (objectclass=*)
>> # requesting: numsubordinates
>> #
>> 
>> # test.mydomain.tld
>> dn: dc=test,dc=mydomain,dc=tld
>> numsubordinates: 1
> 
> Seems you have hit the bug we were discussing. Database is incoherent,
> likely a bad calculation of numbsubordinates.
> 
> My assumption is that database was incoherent before you have upgraded
> to 1.2.11.30-1 where the bug is fixed. Is this a possibiliy ?
> 
> I cannot propose another solution that export-reimport.
> 
> But perhaps some other in this alias could propose a better solution 
> than me.
> 
> Regards,
> 
> German.
> 
>> 
>> # search result
>> search: 2
>> result: 0 Success
>> 
>> # numResponses: 2
>> # numEntries: 1
>> 
>> 
>> BR, Christian
>> 
>> 
>> On 05.03.2015 10:16, German Parente wrote:
>> > Could you please try again:
>> >
>> > ldapsearch -D "cn=Directory Manager" -W -b
>> > "dc=test,dc=mydomain,dc=tld"  "(objectclass=*)" numsubordinates
>> >
>> > Thanks a lot,
>> >
>> > German.
>> >
>> > ----- Original Message -----
>> >> From: "Christian Katterl" <christian at katterl.eu>
>> >> To: "General discussion list for the 389 Directory server project."
>> >> <389-users at lists.fedoraproject.org>
>> >> Sent: Thursday, 5 March, 2015 10:08:39 AM
>> >> Subject: Re: [389-users] Cannot delete domain
>> >>
>> >> Hi,
>> >>
>> >> unfortunately, it's still there - nothing changed.
>> >>
>> >> BR, Christian
>> >>
>> >>
>> >> On 05.03.2015 09:58, German Parente wrote:
>> >> > ----- Original Message -----
>> >> >> From: "Christian Katterl" <christian at katterl.eu>
>> >> >> To: "General discussion list for the 389 Directory server project."
>> >> >> <389-users at lists.fedoraproject.org>
>> >> >> Sent: Thursday, 5 March, 2015 8:46:19 AM
>> >> >> Subject: Re: [389-users] Cannot delete domain
>> >> >>
>> >> >>
>> >> >>
>> >> >> Hi,
>> >> >>
>> >> >>
>> >> >>
>> >> >> i tried:
>> >> >>
>> >> >>
>> >> >>
>> >> >> ldapsearch -D "cn=Directory Manager" -b "dc=test,dc=mydomain,dc=tld"
>> >> >> -W
>> >> >> "(objectclass=*)" *numsubordinates*
>> >> >>
>> >> >
>> >> >
>> >> > Seems your entry has finally been deleted. So, now, we cannot go on
>> >> > troubleshooting this issue.
>> >> >
>> >> > Regards,
>> >> >
>> >> > German.
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >> # extended LDIF
>> >> >> #
>> >> >> # LDAPv3
>> >> >> # base <dc=test,dc=mydomain,dc=tld> with scope subtree
>> >> >> # filter: (objectclass=*)
>> >> >> # requesting: *numsubordinates *
>> >> >> #
>> >> >>
>> >> >> # search result
>> >> >> search: 2
>> >> >> result: 32 No such object
>> >> >>
>> >> >> # numResponses: 1
>> >> >>
>> >> >>
>> >> >>
>> >> >> BR, Christian
>> >> >>
>> >> >>
>> >> >>
>> >> >>
>> >> >>
>> >> >> On 04.03.2015 20:11, Noriko Hosoi wrote:
>> >> >>
>> >> >>
>> >> >> On 03/04/2015 10:53 AM, Noriko Hosoi wrote:
>> >> >>
>> >> >>
>> >> >> Well, it is an error message issue... You cannot "delete" your suffix.
>> >> >> Sorry,
>> >> >> please iignore this statement. I could delete it. Continue
>> >> >> investigating...
>> >> >>
>> >> >> BTW, could you run this command line again replacing num b
>> >> >> subordinates with
>> >> >> numsubordinates ?
>> >> >> > ldapsearch -D "cn=Directory Manager" -b "dc=test,dc=mydomain,dc=tld"
>> >> >> > -W
>> >> >> > "(objectclass=*)" numsubordinates
>> >> >>
>> >> >> Thanks,
>> >> >> --noriko
>> >> >>
>> >> >>
>> >> >> To do so, you need to delete the backend togather.
>> >> >>
>> >> >> $ ldapsearch -LLLx ... -b "dc=example,dc=com" -s base
>> >> >> "(objectclass=*)" dn
>> >> >> dn: dc=example,dc=com
>> >> >>
>> >> >> $ ldapdelete -x ...
>> >> >> dc=example,dc=com
>> >> >> ldap_delete: Operation not allowed on non-leaf (66)
>> >> >>
>> >> >>
>> >> >> On 03/04/2015 03:50 AM, Christian Katterl wrote:
>> >> >>
>> >> >>
>> >> >> Hi,
>> >> >>
>> >> >> ldapsearch -D "cn=Directory Manager" -b "dc=test,dc=mydomain,dc=tld"
>> >> >> "(objectclass=nsTombstone)" -W
>> >> >>
>> >> >> # extended LDIF
>> >> >> #
>> >> >> # LDAPv3
>> >> >> # base <dc=test,dc=mydomain,dc=tld> with scope subtree
>> >> >> # filter: (objectclass=nsTombstone)
>> >> >> # requesting: ALL
>> >> >> #
>> >> >>
>> >> >> # search result
>> >> >> search: 2
>> >> >> result: 0 Success
>> >> >>
>> >> >> # numResponses: 1
>> >> >>
>> >> >>
>> >> >> and...
>> >> >>
>> >> >> ldapsearch -D "cn=Directory Manager" -b "dc=test,dc=mydomain,dc=tld"
>> >> >> -W
>> >> >> "(objectclass=*)" numbsubordinates
>> >> >>
>> >> >> # extended LDIF
>> >> >> #
>> >> >> # LDAPv3
>> >> >> # base <dc=test,dc=mydomain,dc=tld> with scope subtree
>> >> >> # filter: (objectclass=*)
>> >> >> # requesting: numbsubordinates
>> >> >> #
>> >> >>
>> >> >> # test.mydomain.tld
>> >> >> dn: dc=test,dc=mydomain,dc=tld
>> >> >>
>> >> >> # search result
>> >> >> search: 2
>> >> >> result: 0 Success
>> >> >>
>> >> >> # numResponses: 2
>> >> >> # numEntries: 1
>> >> >>
>> >> >>
>> >> >> BR, Christian
>> >> >>
>> >> >>
>> >> >>
>> >> >>
>> >> >> Am 04.03.2015 11:59, schrieb German Parente:
>> >> >>
>> >> >>
>> >> >> Hi Christian,
>> >> >>
>> >> >> there has been a bug fixed for your issue but in release 1.2.11.15-34.
>> >> >>
>> >> >> https://fedorahosted.org/389/ticket/47367
>> >> >>
>> >> >>
>> >> >> Could you do this query ?
>> >> >>
>> >> >> ldapsearch -D "cn=Directory Manager" -b "dc=test,dc=mydomain,dc=tld"
>> >> >> "(objectclass=nsTombstone)" -W
>> >> >>
>> >> >> and also
>> >> >>
>> >> >> ldapsearch -D "cn=Directory Manager" -b "dc=test,dc=mydomain,dc=tld"
>> >> >> -W "(objectclass=*)" numbsubordinates
>> >> >>
>> >> >> ?
>> >> >>
>> >> >> Thanks and regards,
>> >> >>
>> >> >> German.
>> >> >>
>> >> >>
>> >> >>
>> >> >> ----- Original Message -----
>> >> >>
>> >> >>
>> >> >> From: "Christian Katterl" <christian at katterl.eu>
>> >> >> To: 389-users at lists.fedoraproject.org
>> >> >> Sent: Wednesday, 4 March, 2015 9:30:39 AM
>> >> >> Subject: [389-users] Cannot delete domain
>> >> >>
>> >> >> Dear all,
>> >> >>
>> >> >> I am using 389-ds version 1.2.11.30-1 (shipped with kolab).
>> >> >> Trying to delete a domain gives the following error: ldap_delete:
>> >> >> Operation not allowed on non-leaf (66)
>> >> >>
>> >> >> Is this a (known) bug, or am I doing something wrong?
>> >> >>
>> >> >> I tried to delete the domain using:
>> >> >> ldapdelete -c -x -D "cn=Directory Manager" -W -r
>> >> >> "dc=test,dc=mydomain,dc=tld"
>> >> >>
>> >> >> When I am looking for entries, there seems to be no remaining element:
>> >> >>
>> >> >> ldapsearch -D "cn=Directory Manager" -b "dc=test,dc=mydomain,dc=tld"
>> >> >> "(objectclass=*)" -W
>> >> >>
>> >> >> # extended LDIF
>> >> >> #
>> >> >> # LDAPv3
>> >> >> # base <dc=test,dc=mydomain,dc=tld> with scope subtree
>> >> >> # filter: (objectclass=*)
>> >> >> # requesting: ALL
>> >> >> #
>> >> >>
>> >> >> # test.mydomain.tld
>> >> >> dn: dc=test,dc=mydomain,dc=tld
>> >> >> dc: test
>> >> >> objectClass: top
>> >> >> objectClass: domain
>> >> >>
>> >> >> # search result
>> >> >> search: 2
>> >> >> result: 0 Success
>> >> >>
>> >> >> # numResponses: 2
>> >> >> # numEntries: 1
>> >> >>
>> >> >> I replaced my real domain-name with test.mydomain.tld
>> >> >>
>> >> >> The installation is a single ldap-host with no synchronization or
>> >> >> so...
>> >> >> Can anyone help?
>> >> >>
>> >> >> BR, Christian
>> >> >> --
>> >> >> 389 users mailing list
>> >> >> 389-users at lists.fedoraproject.org
>> >> >> https://admin.fedoraproject.org/mailman/listinfo/389-users --
>> >> >> 389 users mailing list
>> >> >> 389-users at lists.fedoraproject.org
>> >> >> https://admin.fedoraproject.org/mailman/listinfo/389-users --
>> >> >> 389 users mailing list
>> >> >> 389-users at lists.fedoraproject.org
>> >> >> https://admin.fedoraproject.org/mailman/listinfo/389-users
>> >> >> --
>> >> >> 389 users mailing list
>> >> >> 389-users at lists.fedoraproject.org
>> >> >> https://admin.fedoraproject.org/mailman/listinfo/389-users
>> >> >>
>> >> >> --
>> >> >> 389 users mailing list 389-users at lists.fedoraproject.org
>> >> >> https://admin.fedoraproject.org/mailman/listinfo/389-users
>> >> >>
>> >> >>
>> >> >>
>> >> >>
>> >> >> --
>> >> >> 389 users mailing list
>> >> >> 389-users at lists.fedoraproject.org
>> >> >> https://admin.fedoraproject.org/mailman/listinfo/389-users
>> >> > --
>> >> > 389 users mailing list
>> >> > 389-users at lists.fedoraproject.org
>> >> > https://admin.fedoraproject.org/mailman/listinfo/389-users
>> >> --
>> >> 389 users mailing list
>> >> 389-users at lists.fedoraproject.org
>> >> https://admin.fedoraproject.org/mailman/listinfo/389-users
>> > --
>> > 389 users mailing list
>> > 389-users at lists.fedoraproject.org
>> > https://admin.fedoraproject.org/mailman/listinfo/389-users
>> --
>> 389 users mailing list
>> 389-users at lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/389-users
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users

More information about the 389-users mailing list