We build from source and run OpenLDAP and the SLAPI plugin since ages on Linux. The SLAPI plugin, written in C, publishes LDAP changes (add, modify, delete) to an Identity Management System (IDM). The plugin is configured in slapd.conf
as
plugin postoperation /opt/openldap-2.6.1/lib64/idm.so idm_init "IDM Plugin" 10.23.33.52 3001
The function idm_init()
registers static C functions for add, modify and delete the supposed way (here only shown for modify):
int idm_init(Slapi_PBlock * pb)
{
int rc = LDAP_SUCCESS;
log("idm-plugin:","now in idm_init()\n");
// first call, create new list and register the functions
...
rc |=
slapi_pblock_set( /* Plug-in API version */ pb,
SLAPI_PLUGIN_VERSION,
SLAPI_PLUGIN_CURRENT_VERSION);
rc |=
slapi_pblock_set( /* Plug-in description */ pb,
SLAPI_PLUGIN_DESCRIPTION, (void *) &desc);
rc |=
slapi_pblock_set( /* Modify function */ pb,
SLAPI_PLUGIN_POST_MODIFY_FN,
(void *) modify_user);
...
// read arguments and add list entry
rc |= read_arguments(pb);
log("idm-plugin", "idm_init() return rc:%d\n", rc);
return rc;
}
The function for modify_user()
which should be called from the LDAP server after modification of data, will later publish the change via network and without going into the details the start of the function looks like this:
static int modify_user(Slapi_PBlock * pb)
{
Slapi_Entry *entry;
log("idm-plugin:", "now in modify_user\n");
if (slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &entry) != LDAP_SUCCESS) {
log("IDM-Connector Plugin",
"entry modified, but couldn't get entry");
return -1;
}
...
The problem is, that after an update in LDAP this function is not called. The log shows only the attach and initialisation of the plugin but no further actions:
03/16/22 10:52:26 idm-plugin:: now in idm_init()
03/16/22 10:52:26 IDM-Connector Plugin: idm_init: Initializing plugin
03/16/22 10:52:26 idm-plugin:: now in read_arguments()
03/16/22 10:52:26 IDM Plugin: added idm connector: ip=10.23.33.52, port=3001
03/16/22 10:52:26 idm-plugin: idm_init() returns rc:0
03/16/22 10:52:26 plugin_pblock_new: Registered plugin OCLC-IDM-Connector-Notifier 1.0 [OCLC.org] (Notify the OCLC IDM-Connector of changes)
As the subject sais, with OpenLDAP 2.4 this works fine. It does not work anymore with 2.6.1.
Is there some change in the SLAPI interface of which we are not aware of?
I already set full log level any
but there is nothing logged about the function call. Any ideas?
To terminate this thread: The problem was caused by a misconfiguration in our slapd.conf. The plugin line was at the wrong place. Details can be seen here:
https://bugs.openldap.org/show_bug.cgi?id=9812