Comments (6)
jaqx0r
commented on August 19, 2024
Comment #1 originally posted by jaqx0r on 2008-09-15T22:41:04.000Z:
I should note that this doesn't occur if I use the --full switch for "nsscache update". Of course, even in
incremental mode, I don't think duplicate entries like this should be possible..
from nsscache.
jaqx0r
commented on August 19, 2024
Comment #2 originally posted by jaqx0r on 2009-01-09T00:11:34.000Z:
As Kamil suggested in my discussion thread from yesterday, it appears I'm suffering
from the same issue when a user is deleted from the LDAP directory. When using
partial updates only, deleted entries in the source are not deleted from the local
cache (I suspect they are not being detected at all).
Running 0.8.3 on RHEL5. Source is OpenLDAP 2.3.27 on RHEL5.
from nsscache.
jaqx0r
commented on August 19, 2024
Comment #3 originally posted by jaqx0r on 2009-01-11T19:20:16.000Z:
it sounds like this is the case. furthermore since our data maps are stored
internally keyed on username, there is no conflict in holding 2 different usernames
with the same uid.
we could introduce something to catch this, but on an incremental update how would we
handle it? for this case we could evict the "older" entry, and assume the one being
merged in is replacing it.
but this could lead to flip-flopping if the source database actually has conflicting
uids, one uid would disappear on an incremental update where the other was
modified..then it'd come back on a full sync or flop the other way on the next
modification.
all in all, I think this better handled by a clear note in a README or caveat or
something somewhere to explain the bahviour of ldap incremental updates, and
ultimately fixed by something like rfc 4533 where it is supported.
thoughts?
from nsscache.
jaqx0r
commented on August 19, 2024
Comment #4 originally posted by jaqx0r on 2009-01-12T17:27:56.000Z:
Good point. The uid is the key in the LDAP database, so it makes sense to key the map on that.
I don't think there's any sense in coding around it, but perhaps nsscache could write a warning to stderr if a
duplicate UID is encountered in the cache? At least this would make it easier to diagnose the problem.
from nsscache.
jaqx0r
commented on August 19, 2024
Comment #5 originally posted by jaqx0r on 2014-04-30T13:52:57.000Z:
Technically the DN is the key in the LDAP database, not the UID.
I'm adding a warning if a duplicate key is detected, but this will only warn for duplicate nsscache keys, in this case the username, not the UID.
from nsscache.
jaqx0r
commented on August 19, 2024
Comment #6 originally posted by jaqx0r on 2014-04-30T13:58:19.000Z:
This issue was closed by revision c4dc48115972.
from nsscache.
Related Issues (20)
- nsscache doesn't map all members of a group HOT 2
- reformat by removing error E713 for membership test HOT 7
- ShadowExpire == -1 HOT 1
- sshkey map fails to import HOT 4
- Not all LDAP servers provide LastModification Dates
- bsddb3 is deprecated HOT 3
- `uidattr` ignored when writing out groups
- mox3 archived & deprecated upstream, please update tests to not use it HOT 3
- Does not work offline. HOT 6
- Question: Merge groups with the same ids
- Add support for GCS source HOT 1
- skip the unexcepted line in the cache file
- Please support nested groups HOT 11
- Tagging of versions HOT 3
- nsscache doesn't update group cache from ldap source HOT 7
- ConfigParser.NoSectionError: No section: 'suffix' with nsscache >= 0.36 HOT 2
- configure nsscache with samba4 active directory HOT 31
- is nsscache python3 compatible? HOT 25
- Get integration tests running in CI HOT 37
- Properly define byte vs string types in source and cache api boundaries
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nsscache.