ID: 0000271
Category: [LEX] Attribute List
Severity: major
Reproducibility: always
Date Submitted: 2012-08-04 21:42
Last Update: 2012-09-03 10:59
Reporter: coboluxx
View Status: public
Assigned To: PhilippFoeckeler
Priority: normal
Resolution: fixed
Status: resolved
Product Version: 1.3.006
Summary: 0000271: AD: Not displaying custom attributes
Description: Lex is showing a custom object class on the objectClass array but does not show the attributes related to this class. ADSI-Edit and openldap display the attribute as expected.

I have tried this with two different classes which extend "top". The first one was added to an organizationalUnit previously created with "Active Directory Users And Computers" and the other one was added to a user object. In both cases the class is shown on the objectClass attribute but the related attributes are missing.

The attributes of both custom schema classes are optional. They have no "mustContain" attribute. As far as I remember Lex shows the attribute if it was defined as "mustContain".
Additional Information:
Server: Windows 2008R2 Enterprise

Example output from ldapsearch (Linux):

[root@xops6 /]# ldapsearch sAMAccountname=xxx objectclass automountInformation
SASL/GSSAPI authentication started
SASL username: XOPS6$@xxx.xxx.xxx
SASL SSF: 56
SASL data security layer installed.
# extended LDIF
#
# LDAPv3
# base <dc=xxx,dc=xxx,dc=xxx> (default) with scope subtree
# filter: sAMAccountname=xxx
# requesting: objectclass automountInformation
#

# xxx xxx, Users, Account, Identity, xxx.xxx.xxx
dn: CN=xxx xxx,OU=Users,OU=Account,OU=Identity,DC=xxx,DC=xxx,DC=xxx
objectClass: top
objectClass: automount
objectClass: person
objectClass: organizationalPerson
objectClass: user
autoMountInformation: / -fstype=nfs nfshome.int.web.xxx.xxx:/userhome/xxx

Lex shows:

objectClass automount
objectClass organizationalPerson
objectClass person
objectClass top
objectClass user

but the "autoMountInformation" attribute is missing. There is no filter active and "Friendly names" is turned off. Anything else is shown as expected.
-  Notes
(0000035)
coboluxx (reporter)
2012-08-04 21:54

Just verified that LEX shows custom attributes on new objects containing the custom class only but not in case an existing AD object was extended by a custom class.
(0000036)
PhilippFoeckeler (administrator)
2012-08-05 00:08

Hey coboluxx, I assume it is the schema extension for AutoFS, right? If you've done the schema extension with an LDIF import file, could you please send this file to my personal mail address philipp.foeckeler@ldapexplorer.com? Or if you don't have an LDIF file, could you please describe to me how the schema extension was made?

And a last check: Do you see the "autoMountInformation" attribute for the according objects if you switch off the option "Show only attributes that have values" in the attribute list? (http://www.ldapexplorer.com/en/manual/102030600-show-only-attributes-with-values.htm)
(0000037)
PhilippFoeckeler (administrator)
2012-08-05 00:20

According to "mustContain" and "mayContain": LEX should show both kinds of attributes, whether they are in the "mayContain" or the "mustContain" list. So your symptom is definitely a kind of bug. AD handles the object classes a bit weird, because every objectClass in the class hierarchy of an object can have two different kinds of additional class definitions (so called "auxiliary classes"), and these aux classes can be nested in chains, so it could be an internal error in evaluating the "autoMount" class in the schema. This is the reason I asked for the LDIF file so that I can reproduce your schema extension.
(0000038)
coboluxx (reporter)
2012-08-05 02:47

Thanks for your fast reply!

I discovered that Lex shows the attribute as soon as I uncheck "Use directory schema to request object attributes". The attribute is highlighted red. "Show only attributes that have values" changed nothing.

You are right, the attribute is for AutoFS and as I have found no existing schema file I used the ADSI editor and added it manually. This is what Lex tells about the "automount" schema object (Attr prefixed with >>> are the ones I specified on the ADSI add schema object dialog):

CN=automount,CN=Schema,CN=Configuration,DC=xxx,DC=xxx,DC=xxx
Attributes: 0
Object size: 422
________________________________________________________________________________
>>>adminDescription
Size: 26
Value:
Unix Automount Information
________________________________________________________________________________
adminDisplayName
Size: 9
Value:
automount
________________________________________________________________________________
classDisplayName
Size: 9
Value:
Automount
________________________________________________________________________________
cn
Size: 9
Value:
automount
________________________________________________________________________________
defaultObjectCategory
Size: 63
Value:
CN=automount,CN=Schema,CN=Configuration,DC=xxx,DC=xxx,DC=xxx
________________________________________________________________________________
distinguishedName
Size: 63
Value:
CN=automount,CN=Schema,CN=Configuration,DC=xxx,DC=xxx,DC=xxx
________________________________________________________________________________
dSCorePropagationData
Size: 17
Value:
1/1/1601 2:00:00 AM
________________________________________________________________________________
>>>governsID
Size: 16
Value:
1.3.6.1.1.1.2.17
________________________________________________________________________________
instanceType
Size: 1
Value:
4
________________________________________________________________________________
lDAPDisplayName
Size: 9
Value:
automount
________________________________________________________________________________
>>>mayContain
Size: 20
Value:
autoMountInformation
________________________________________________________________________________
>>>name
Size: 9
Value:
automount
________________________________________________________________________________
objectCategory
Size: 66
Value:
CN=Class-Schema,CN=Schema,CN=Configuration,DC=xxx,DC=xxx,DC=xxx
________________________________________________________________________________
objectClass
Size: 3
Value:
top
classSchema
________________________________________________________________________________
objectClassCategory
Size: 1
Value:
0
________________________________________________________________________________
objectGUID
Size: 16
Value:
c52f756a-e2ae-4852-9d65-f8ce5f679a87
________________________________________________________________________________
>>>rDNAttID
Size: 2
Value:
cn
________________________________________________________________________________
schemaIDGUID
Size: 16
Value:
f1492ae1-3237-447e-854b-0d08e8ca539c
________________________________________________________________________________
showInAdvancedViewOnly
Size: 4
Value:
TRUE
________________________________________________________________________________
>>>subClassOf
Size: 3
Value:
top
________________________________________________________________________________
systemOnly
Size: 5
Value:
FALSE
________________________________________________________________________________
uSNChanged
Size: 5
Value:
41484
________________________________________________________________________________
uSNCreated
Size: 5
Value:
41479
________________________________________________________________________________
whenChanged
Size: 17
Value:
8/3/2012 1:40:55 PM
________________________________________________________________________________
whenCreated
Size: 17
Value:
8/3/2012 1:32:35 PM


This is the "automountInformation" attribute:

CN=autoMountInformation,CN=Schema,CN=Configuration,DC=xxx,DC=xxx,DC=xxx
Attributes: 0
Object size: 381
________________________________________________________________________________
adminDisplayName
Size: 20
Value:
autoMountInformation
________________________________________________________________________________
>>>attributeID
Size: 16
Value:
1.3.6.1.1.1.1.33
________________________________________________________________________________
>>>attributeSyntax
Size: 7
Value:
2.5.5.5
________________________________________________________________________________
cn
Size: 20
Value:
autoMountInformation
________________________________________________________________________________
distinguishedName
Size: 74
Value:
CN=autoMountInformation,CN=Schema,CN=Configuration,DC=xxx,DC=xxx,DC=xxx
________________________________________________________________________________
dSCorePropagationData
Size: 17
Value:
1/1/1601 2:00:00 AM
________________________________________________________________________________
instanceType
Size: 1
Value:
4
________________________________________________________________________________
>>>isSingleValued
Size: 5
Value:
FALSE
________________________________________________________________________________
lDAPDisplayName
Size: 20
Value:
autoMountInformation
________________________________________________________________________________
msDS-IntId
Size: 11
Value:
-1703961406
________________________________________________________________________________
>>>name
Size: 20
Value:
autoMountInformation
________________________________________________________________________________
objectCategory
Size: 70
Value:
CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=xxx,DC=xxx,DC=xxx
________________________________________________________________________________
objectClass
Size: 3
Value:
top
attributeSchema
________________________________________________________________________________
objectGUID
Size: 16
Value:
ee1152ac-91b8-4b4b-864a-b4aedff2bee2
________________________________________________________________________________
oMSyntax
Size: 2
Value:
22
________________________________________________________________________________
schemaIDGUID
Size: 16
Value:
5356cc80-88e6-4f67-ae50-9e7f97cb9c8c
________________________________________________________________________________
showInAdvancedViewOnly
Size: 4
Value:
TRUE
________________________________________________________________________________
uSNChanged
Size: 5
Value:
41476
________________________________________________________________________________
uSNCreated
Size: 5
Value:
41476
________________________________________________________________________________
whenChanged
Size: 17
Value:
8/3/2012 1:28:35 PM
________________________________________________________________________________
whenCreated
Size: 17
Value:
8/3/2012 1:28:35 PM

Many thanks for your help!
(0000039)
PhilippFoeckeler (administrator)
2012-08-06 13:01

Finally, I can reproduce your symptom now in my testing environment. So we'll have a solution soon (I hope so :)). One question: When you created your object class "automount", what class type did you choose from the creation dialog: ABSTRACT, STRUCTURAL or AUXILIARY? Unfortunately, AD doesn't store this information in the objectclass schema object, but in the object "Aggregate" in the schema partition ("CN=Aggregate,CN=Schema,CN=Configuration,DC=example,DC=com").

There are large multivalue attribs there, the "objectClasses" attribute should have a line similar to this:

( 1.3.6.1.1.1.2.17 NAME 'automount' SUP top AUXILIARY MAY (autoMountInformation ) )

These are the annoying things Microsoft built into its AD schema structure.... :) Class schema are stored in several different places...

If we do not use the schema eval (as you tried with deactivated "Use directory schema to request object attributes"), then we just look at what the directory gives back to a standard LDAP request...but this mode is not too elegant because there are a bunch of operational attributes missing then. The red marked attribute is just because LEX compares the attribute list with the last request, all changed data is marked red. If you press F5 again, the red mark probably disappears.

Ok so there is a bug somewhere in the evaluation of this class information. Please be a bit patient, I will debug this and will prepare a "quickfix" version 1.3.007 for you. Normally I was just about to finish the new 1.4.00, but this could last a while, so let's hope you'll get your bugfix earlier ;).
(0000040)
coboluxx (reporter)
2012-08-06 13:36

Good to know... already wondered where AD stores this kind of information ;)

From the objectClasses attribute entry: ( 1.3.6.1.1.1.2.17 NAME 'automount' SUP top STRUCTURAL MAY (autoMountInformation ) )

Thanks again for your fast help.
(0000041)
PhilippFoeckeler (administrator)
2012-08-06 23:33

Hi coboluxx,

I just uploaded a version where the schema-extended-class attributes should be visible (even if you activate "Use directory schema to request object attributes" again).

You can download the 1.3.007 LEX executable on this URL:

http://www.ldapexplorer.com/download/LEX1.3.007/LEX.exe

Just replace the old executable on the machine where you installed LEX with this file. I just virus checked the file, the exact size is 4706304 bytes, the SHA-256 hash value is

93c96b8de91de253b9ff9f8c8d5c7dab42846824e06b828958c9fea3ff556a1b

Could you please check if this is a valid fix for our issue? Thank you!! :)
(0000042)
coboluxx (reporter)
2012-08-07 02:00

The automountInformation attribute is visible now. Nice :) Works with activated "use directory schema..." and "show only attrs with values" enabled and disabled too.

One (maybe new) thing I found is an error message box that is shown when selecting "Deleted Objects" (don't remember if this was shown on the previous version too. I may have never clicked on this node before):

The box is titled "Schema Error" and has a label with text "Could not read object classes." and a textbox displaying "[5] Das Objekt ist nicht vorhanden." (The English message would be something like "[5] Object not found.") However, confirming with "OK" shows the deleted objects.

Thank you very much for the highspeed solution to this issue! I really like this great piece of software and your perfect support :)
(0000044)
PhilippFoeckeler (administrator)
2012-08-08 00:27

Hi Marcus,

as you can see: The bugtracker is up and running again. Maybe a malfunction due to a maintenance interval...

First of all thank you for your hints, they are very valuable! I just uploaded a slightly improved version 1.3.007 which should work as expected with the "Deleted Objects" container also. I just forgot to add the correct LDAP controls to the new request which is done to evaluate the class and attributes of the current object to show. Could you please try it:

http://www.ldapexplorer.com/download/LEX1.3.007/LEX.exe

The SHA-256 hash value of this executable is

003f6650e779823749b12d1c948933e9e2bf068992356d39a5187848c9327123

In general, what is the new thing in the version 1.3.007? In older LEX versions, I had the top structural class from the object in focus before (e.g. "user"), and from the schema information I read at the start of an LDAP connection, I thought I could construct all the other structural/abstract classes from which the object class was derived, and all auxiliary classes which can add new properties to the regarding object. This was the quick way to evaluate the list of possible attributes which have to be in the LDAP request to get ALL the information in the LEX attribute list.

So with your case, an interesting problem comes up: In an object, an additional class can be added, which is not marked as an auxiliary class to any of the other structural classes in the schema. I thought this case was forbidden in AD, but obviously it is not :) You can see the difference if you have a look at the objectclass objects in the schema - they have a multivalue attribute "auxiliaryClass" and another named "systemAuxiliaryClass". And I thought for example your "automount" class had to be stored by the system in the "auxiliary" attribute of "top". This is the case for all the Exchange- or SFU-schema extensions, but obviously it is not necessary in all cases. So the old LEX (evaluating the objectClasses only by the schema info) didn't see for example your "automount" class - and couldn't show the "automountInformation" attribute.

With the new LEX version, I always do an additional request for the "objectClass" attribute of the current object _before_ the objectClasses and potential list of attributes is evaluated - this is a tick slower but it solves the problem.... :)

So I appreciate your help in this!
Please be aware of the fact that the 1.3.007 is only a "private" quick-fix version without setup routine and stuff... The next official release 1.4.000 which should come in the next 8 weeks will have this fix also.

Kind regards,
Philipp
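
The two evaluation strategies described in note 0000044, as an added example in Python (not LEX's code, which this thread does not show). Only the 'automount' line is quoted from the thread; the other objectClasses values, their placeholder OIDs, the AUX_OF mapping and all function names are constructed for illustration.

```python
import re

# Constructed sample of "objectClasses" values as read from CN=Aggregate. Only the
# 'automount' line is quoted from the thread; the others are simplified stand-ins
# with placeholder OIDs.
AGGREGATE = [
    "( 0.0.0.1 NAME 'top' ABSTRACT MUST (objectClass ) MAY (cn $ description ) )",
    "( 0.0.0.2 NAME 'person' SUP top STRUCTURAL MUST (cn ) MAY (sn $ telephoneNumber ) )",
    "( 0.0.0.3 NAME 'organizationalPerson' SUP person STRUCTURAL MAY (title ) )",
    "( 0.0.0.4 NAME 'user' SUP organizationalPerson STRUCTURAL MAY (homeDirectory ) )",
    "( 0.0.0.5 NAME 'securityPrincipal' SUP top AUXILIARY MUST (sAMAccountName ) )",
    "( 1.3.6.1.1.1.2.17 NAME 'automount' SUP top STRUCTURAL MAY (autoMountInformation ) )",
]
# Hypothetical stand-in for the auxiliaryClass / systemAuxiliaryClass values
# stored on each classSchema object.
AUX_OF = {"user": ["securityPrincipal"]}
# objectClass values of the affected entry, as in the reporter's ldapsearch output.
ENTRY_CLASSES = ["top", "automount", "person", "organizationalPerson", "user"]

LINE = re.compile(
    r"\(\s*(?P<oid>[\d.]+)\s+NAME\s+'(?P<name>[^']+)'"
    r"(?:\s+SUP\s+(?P<sup>\S+))?"
    r"\s+(?P<kind>ABSTRACT|STRUCTURAL|AUXILIARY)"
    r"(?:\s+MUST\s+\((?P<must>[^)]*)\))?"
    r"(?:\s+MAY\s+\((?P<may>[^)]*)\))?\s*\)"
)

def parse_schema(lines):
    """Map lower-cased class name -> superior class, class type, MUST+MAY attributes."""
    schema = {}
    for line in lines:
        m = LINE.fullmatch(line.strip())
        if not m:
            raise ValueError(f"unparsed objectClasses value: {line!r}")
        names = lambda s: {a.strip() for a in (s or "").split("$") if a.strip()}
        schema[m["name"].lower()] = {"sup": m["sup"], "kind": m["kind"],
                                     "attrs": names(m["must"]) | names(m["may"])}
    return schema

def possible_attributes(schema, aux_of, start_classes):
    """Union of MUST/MAY over every class reachable through SUP and auxiliary links."""
    seen, todo = set(), [c.lower() for c in start_classes]
    while todo:
        cls = todo.pop()
        if cls in seen or cls not in schema:
            continue
        seen.add(cls)
        if schema[cls]["sup"]:
            todo.append(schema[cls]["sup"].lower())
        todo.extend(a.lower() for a in aux_of.get(cls, []))
    return set().union(*(schema[c]["attrs"] for c in seen))

SCHEMA = parse_schema(AGGREGATE)
# Schema-only evaluation: start from the most specific structural class alone.
schema_only = possible_attributes(SCHEMA, AUX_OF, ["user"])
# Evaluation that first reads the entry's own objectClass values.
with_entry = possible_attributes(SCHEMA, AUX_OF, ENTRY_CLASSES)

if __name__ == "__main__":
    print("missed by schema-only evaluation:", sorted(with_entry - schema_only))
```

Because 'automount' is not listed as an auxiliary class of any class in the user hierarchy, only the walk that starts from the entry's own objectClass values reaches it.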

- Issue History
Date Modified Username Field Change
2012-08-04 21:42 coboluxx New Issue
2012-08-04 21:53 coboluxx Issue Monitored: coboluxx
2012-08-04 21:54 coboluxx Note Added: 0000035
2012-08-05 00:02 PhilippFoeckeler Status new => assigned
2012-08-05 00:02 PhilippFoeckeler Assigned To => PhilippFoeckeler
2012-08-05 00:08 PhilippFoeckeler Note Added: 0000036
2012-08-05 00:20 PhilippFoeckeler Note Added: 0000037
2012-08-05 02:47 coboluxx Note Added: 0000038
2012-08-06 13:01 PhilippFoeckeler Note Added: 0000039
2012-08-06 13:02 PhilippFoeckeler Target Version => 1.3.007
2012-08-06 13:36 coboluxx Note Added: 0000040
2012-08-06 23:33 PhilippFoeckeler Note Added: 0000041
2012-08-07 02:00 coboluxx Note Added: 0000042
2012-08-07 02:00 coboluxx Note Added: 0000043
2012-08-08 00:27 PhilippFoeckeler Note Added: 0000044
2012-09-03 10:59 PhilippFoeckeler Status assigned => resolved
2012-09-03 10:59 PhilippFoeckeler Fixed in Version => 1.3.007
2012-09-03 10:59 PhilippFoeckeler Resolution open => fixed

