Pierangelo, Thanks again.
I've moved the overlay configuration part after the database configuration part, but I still get the same problem - adding the second entry fails due to a constraint violation when it should succeed. Is there anything else I can try or should I file and ITS? Kyle Blaney -----Original Message----- From: Pierangelo Masarati [mailto:[email protected]] Sent: July 22, 2009 4:22 AM To: Blaney, Kyle (BVW:9T16) Cc: [email protected] Subject: Re: Unique overlay usage with filter Kyle Blaney wrote: > Pierangelo, > > Thanks for your help so far. > > In attempting to reproduce my problem with a minimal slapd.conf that I > could post, I am now encountering a slightly different problem related > to the unique overlay. In particular, I get an LDAP constraint > violation when attempting to add an entry that should be allowed. > > Here's my complete slapd.conf: > > ucdata-path data > include schema/core.schema > include schema/cosine.schema > include schema/inetorgperson.schema > include schema/nortel.schema > backend bdb > database bdb > overlay unique > unique_uri ldap:///?uid?sub?(sn=e*) > suffix "dc=Nortel,dc=com" > rootdn "cn=Administrator,dc=Nortel,dc=com" > rootpw adminpwd > directory data > index sn eq,sub > index cn eq,sub > > Here are the steps to reproduce my current problem (all modifications > are made using the configured rootdn): > 1. Add an entry with uid=a and sn=e. > 2. Add a second entry with uid=a and sn=f. > > The second entry is not added. Instead, OpenLDAP returns error code > 19 (constraint violation) with a message of "some attributes are not > unique". When I comment out the unique_uri line in slapd.conf and > restart slapd, the second entry can be added successfully. > > Have I configured something incorrectly? The overlay part should go after all the database part, i.e. database bdb suffix "dc=Nortel,dc=com" rootdn "cn=Administrator,dc=Nortel,dc=com" rootpw adminpwd directory data index sn eq,sub index cn eq,sub overlay unique unique_uri ldap:///?uid?sub?(sn=e*) so the overlay configuration can properly check dependencies on database data. Don't know whether this fixes your issue, though. p.
