This topic has been reported for inappropriate content

Tagged: ,

This topic has 3 replies, 4 voices, and was last updated 2 months, 2 weeks ago by Ludo.

  • Author
    Posts
  • #28617
     srenard
    Participant

    Hello,

    I’m facing with a weird issue on our opendj database.
    We have 2 opendj database, with replication.

    On one server, there are some duplicate entries.
    opendj/bin/ldapsearch –port 1389 –baseDN “ou=Utilisateurs,dc=cnb,dc=fr” -D “cn=xxxxx” –countEntries “(uid=304031)”
    dn: uid=012345,ou=Utilisateurs,dc=cnb,dc=fr
    uid: 012345

    dn: uid=012345,ou=Utilisateurs,dc=cnb,dc=fr
    uid: 012345

    When trying to delete entries :
    Processing DELETE request for uid=012345,ou=Utilisateurs,dc=cnb,dc=fr
    DELETE operation failed
    Result Code: 80 (Other)
    Additional Information: The entry database does not contain a record for ID -1

    So I cannot delete them anymore, and I don’t know what I can do.

    Do you have any suggestion in order to recover a stable situation ?

    Thanks so much,
    Regards

    #28618
     Jatinder Singh
    Participant

    I smell replication related issue here. Could you check entryUUID and entryDN (operational attributes) for these entries?

    #28619
     Bill Nelson
    Participant

    What you are describing seems to be a very particular behavior, and quite honestly, I am not sure how it could happen.

    I also see that you are performing a search with a filter of uid=304031, yet you are returning two entries that have a uid of 012345. You are also not providing the full results of the search since that would contain the line “# Total number of matching entries: X” in it. So I suspect that you are copying/pasting from a couple different iterations of the execution of this command – or at the very least changing things before you have posted. Please post all of the information here with a consistent redaction of the data so we know what it is we are looking at.

    Having said that, I agree with @jsingh that this may be a replication related issue, but again, I cannot see how. The DN must be unique and if there was a naming clash during replication, then you would end up with a dn that actually contains the entryuuid in it (i.e. dn: uid=012345-dc883c41-b2e3-38d6-980a-9548ba1c136b,ou=Utilisateurs,dc=cnb,dc=fr); you would not see two entries with the same DN.

    Can you please provide the operational attributes associated with these two entries by executing the following command:

    opendj/bin/ldapsearch –port 1389 –baseDN “ou=Utilisateurs,dc=cnb,dc=fr” -D “cn=xxxxx” –countEntries “(uid=304031)” +

    (Note the use of the “+” sign at the end of the search)

    This will return information something like this:

    dn: uid=012345,ou=Utilisateurs,dc=cnb,dc=fr
    entryDN: uid=012345,ou=Utilisateurs,dc=cnb,dc=fr
    entryUUID: dc883c41-b2e3-38d6-980a-9548ba1c136b
    etag: 00000000fa654190
    hasSubordinates: false
    numSubordinates: 0
    pwdPolicySubentry: cn=Default Password Policy,cn=Password Policies,cn=config
    structuralObjectClass: inetOrgPerson
    subschemaSubentry: cn=schema

    Also what version of DJ are you running?

    thanks,

    #28621
     Ludo
    Moderator

    Hi S.Renard,

    This is a community best effort site.
    If you are a customer or representing a customer, I would suggest you post your question to our support organisation through Backstage.forgerock.com.

    Kind regards,

    Ludo

    • This reply was modified 2 months, 2 weeks ago by Ludo.
Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.

©2021 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?