Hi all, I have defined a DIT (LMDB) as follows:
dn: olcDatabase={3}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {3}mdb
olcDbDirectory: /var/lib/ldap/mycompany/o=mycompany
olcSuffix: o=mycompany
olcRootDN: uid=admin,ou=system
olcAccess: {0}to attrs=userPassword,shadowLastChange by dn="uid=admin,ou=system" write by anonymous auth by self write by * none
olcAccess: {1}to * by dn="uid=admin,ou=system" write by * none
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcSyncUseSubentry: FALSE
olcMonitoring: TRUE
olcDbEnvFlags: writemap
olcDbEnvFlags: nometasync
olcDbNoSync: FALSE
olcDbIndex: objectClass pres,eq
olcDbIndex: cn pres,eq,sub
olcDbIndex: uid pres,eq,sub
olcDbIndex: uidNumber pres,eq
olcDbIndex: gidNumber pres,eq
olcDbIndex: mail pres,eq,sub
olcDbIndex: ou pres,eq,sub
olcDbIndex: sn pres,eq,sub
olcDbIndex: givenName pres,eq,sub
olcDbIndex: loginShell pres,eq
olcDbIndex: memberUid pres,eq,sub
olcDbIndex: nisMapName pres,eq,sub
olcDbIndex: nisMapEntry pres,eq,sub
olcDbMaxReaders: 0
olcDbMaxSize: 4294967296
olcDbMode: 0600
olcDbSearchStack: 16
I can add the root entry as:
dn: o=mycompany
objectClass: organization
objectClass: top
o: mycompany
And I can also add and delete sub-entries under o=mycompany. But I cannot delete the root entry o=mycompany, even when there is no sub-entry below it.
Please note that the rootdn (uid=admin,ou=system) is not under the suffix (o=mycompany); that is why no rootPW is defined for this DIT. The rootDN and rootPW are defined in the second DIT (in BDB).
The weird thing was that I could search and find it:
ldapsearch -x -D uid=admin,ou=system -w XXXXXXXXX -H ldap://localhost:389 -b o=mycompany
# extended LDIF
#
# LDAPv3
# base <o=cornerbank> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# mycompany
dn: o=mycompany
o: mycompany
objectClass: organization
objectClass: top
# search result
search: 2
result: 0 Success
But it would fail if I tried to delete it:
$ ldapdelete -x -D uid=admin,ou=system -w XXXXXXXXX -H ldap://localhost:389 o=mycompany
ldap_delete: No such object (32) 32
In other words, I could import the whole DIT for o=mycompany, but could not delete the whole DIT (the root entry o=mycompany could not be deleted). Does somebody know how to solve this problem? Thanks!
Regards
--
Hongfu Huang, Senior System Integrator
M.Sc. Computer Science
AdNovum Informatik AG
Roentgenstrasse 22, 8005 Zurich, Switzerland
phone +41 44 272 6111, direct +41 44 270 5266
[email protected], www.adnovum.ch
Locations: Zurich (HQ), Bern, Lausanne, Budapest, Ho Chi Minh City, Singapore
