#49541 Server allows to set nsds5replicaid=65535 in the existing replica entry
Closed: wontfix 6 years ago Opened 6 years ago by mreynolds.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1533828

Description of problem:
We can break the nsds5replicaid attribute rules (it should be 1 to 65534 for
masters) if we'll try to modify the existing replication entry.

Version-Release number of selected component (if applicable):
389-ds-base-1.3.7.5-11.el7.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Install an instance
2. Add a replica entry:
[root@qeos-19 upstream]# ldapmodify -a -h localhost -p 389 -D "cn=Directory
manager" -w Secret123 << EOF
> dn: cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config
> cn: replica
> nsDS5Flags: 1
> nsDS5ReplicaBindDN: cn=sync user,cn=config
> nsDS5ReplicaId: 65535
> nsDS5ReplicaRoot: dc=example,dc=com
> nsDS5ReplicaType: 3
> objectClass: top
> objectClass: nsDS5Replica
> objectClass: extensibleobject
> EOF
adding new entry "cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping
tree,cn=config"

AND another use case ::

1. Existing MMR
2. On M1 try ::
[root@qeos-19 upstream]# ldapmodify -h localhost -p 39001 -D "cn=Directory
manager" -w password << EOF
> dn: cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config
> changetype: modify
> replace: nsDS5ReplicaId
> nsDS5ReplicaId: 65535
> EOF
modifying entry "cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping
tree,cn=config"


Actual results: Operation is Successful


Expected results: It should fail with error message ::
ldap_modify: Server is unwilling to perform (53)
        additional info: Attribute nsDS5ReplicaId value (wrong_id) is invalid,
must be a number between 1 and 65535.

Additional info:

Metadata Update from @mreynolds:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1533828

6 years ago

c8b388b..ebb00a4 master -> master

400e6eb..2cabb08 389-ds-base-1.3.7 -> 389-ds-base-1.3.7

Metadata Update from @mreynolds:
- Custom field component adjusted to None
- Custom field origin adjusted to None
- Custom field reviewstatus adjusted to ack
- Custom field type adjusted to None
- Custom field version adjusted to None
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

6 years ago

That last commit addressed the adding the replica, not modifying it. This does:

branch master updated (d86e0f9 -> 56f9881)

49291b7..c5ad6e5 389-ds-base-1.3.7 -> 389-ds-base-1.3.7

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/2600

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: fixed)

4 years ago

Log in to comment on this ticket.

Metadata