Uploaded image for project: 'Directory ApacheDS'
  1. Directory ApacheDS
  2. DIRSERVER-2125

More than one value has been provided for the single-valued attribute: pwdAccountLockedTime



    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.0.0-M20
    • 2.0.0-M22
    • None
    • None


      I have now encountered this issue a couple times. I am not quite sure how, but pwdAccountLockedTime is getting multiple values set to it. This seems not to be a problem immediately (the directory works with multiple values), but I take daily backups and when I try to restore, I get:

      processing failure: CONSTRAINT_VIOLATION: failed for MessageType : ADD_REQUEST
      Message ID : 6259
          Add Request :
          dn[n]: uid=some.guy,ou=people,dc=example,dc=com
          objectClass: organizationalPerson
          objectClass: person
          objectClass: inetOrgPerson
          objectClass: portalPerson
          objectClass: top
          pwdAccountLockedTime: 20160131192519.758Z
          pwdAccountLockedTime: 20160131193013.986Z
          pwdAccountLockedTime: 20160131193020.941Z
          pwdAccountLockedTime: 20160131193026.911Z
          pwdAccountLockedTime: 20160131193036.580Z
          mail: some.guy@example.com
          pwdFailureTime: 20160131192059.579Z
          pwdFailureTime: 20160131192108.556Z
          pwdFailureTime: 20160131192129.709Z
          pwdFailureTime: 20160131192142.260Z
          pwdFailureTime: 20160131192448.419Z
          pwdFailureTime: 20160131192457.637Z
          pwdFailureTime: 20160131192504.937Z
          pwdFailureTime: 20160131192519.758Z
          pwdFailureTime: 20160131193013.986Z
          pwdFailureTime: 20160131193020.941Z
          pwdFailureTime: 20160131193026.911Z
          pwdFailureTime: 20160131193036.580Z
          timeZone: America/New_York
          active: true
          cn: Some Guy
          creatorsName: 0.9.2342.19200300.100.1.1=admin,
          modifiersName: 0.9.2342.19200300.100.1.1=admin,
          userPassword: ????
          pwdHistory: ????     
          pwdHistory: ????
          pwdHistory: ????
          pwdHistory: ????
          pwdHistory: ????
          pwdHistory: ????
          pwdHistory: ????
          pwdHistory: ????
          pwdHistory: ????
          pwdHistory: ????
          uid: some.guy
          entryUUID: 33b6e17c-fe72-4d28-85ea-9f72e27143d3
          givenName: Some
          entryParentId: 96c37a0c-48b0-4960-b3e1-e01057bb742f
          createTimestamp: 20150422005642.549Z
          entryCSN: 20160131193036.581000Z#000000#001#000000
          sn: Guy
          modifyTimestamp: 20151020122447.179Z
          entryDN: uid=some.guy,ou=people,dc=example,dc=com
      : ERR_278 More than one value has been provided for the single-valued attribute: pwdAccountLockedTime

      My understanding is that the pwdAccountLockedTime SHOULD be single valued, and as such, the bug is in allowing it to get set multiple times.

      I do not currently have steps to reproduce, and for now my team works around it with our restore automation (read the incoming ldif and strip out all bu the latest copy of this attribute before adding it to the directory)...




            Unassigned Unassigned
            ltheisen@mitre.org lucas theisen
            0 Vote for this issue
            2 Start watching this issue