Various ONID account management activities, such as changing ONID passwords and signing up for ONID accounts, were failing from 1:08pm to 2:15pm today with an error message “Object class violation”. This was due to some internal changes in the LDAP service. After the problem was identified, we were able to re-enter the missing configuration information.
The errors began occurring when a new LDAP server was added to the replication pool, even though the new server was not accessible to LDAP clients. When the new server was added, the LDAP schema was modified and several critical OSU-specific objectclasses were deleted. The LDAP servers automatically replicate schema changes, so I suspect the new server tried to replicate its schema (which did not contain the OSU-specific objectclasses yet) back to the other servers. I resolved the problem by re-entering the OSU-specific schema.
This same process was used a few weeks ago to add a new server without any trouble. There may be a timing issue because this time I was able to cut-and-paste all the changes, performing them more quickly than previously.
In the future, I will bring the new LDAP server online as a consumer (read-only) first, verify the schema is accurate, and then promote it to a master.
Andy Morgan
ONID Support
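The "verify the schema is accurate" step described above, as an added example that is not part of the original notice or ONID's own tooling: it compares the objectclass definitions in two subschema dumps and reports what the new server lacks or defines differently. It assumes each dump is the LDIF text of a base-scope search for `objectClasses` on the server's subschema entry; the objectclass names and OIDs in the sample are constructed placeholders.

```python
import base64
import re

def unfold(ldif):
    """Join LDIF continuation lines (a leading single space continues the previous line)."""
    lines = []
    for raw in ldif.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def object_classes(ldif):
    """Map lower-cased objectclass name -> whitespace-normalised definition."""
    found = {}
    for line in unfold(ldif):
        attr, sep, value = line.partition(":")
        if not sep or attr.strip().lower() != "objectclasses":
            continue
        if value.startswith(":"):  # "objectClasses:: ..." is a base64-encoded value
            value = base64.b64decode(value[1:]).decode("utf-8")
        definition = " ".join(value.split())
        m = re.search(r"NAME\s+(?:'([^']+)'|\(([^)]*)\))", definition)
        if not m:
            continue
        names = [m.group(1)] if m.group(1) else re.findall(r"'([^']+)'", m.group(2))
        for name in names:
            found[name.lower()] = definition
    return found

def schema_drift(reference_ldif, candidate_ldif):
    """Return (missing, changed) objectclass names, relative to the reference server."""
    ref, cand = object_classes(reference_ldif), object_classes(candidate_ldif)
    missing = sorted(n for n in ref if n not in cand)
    changed = sorted(n for n in ref if n in cand and ref[n] != cand[n])
    return missing, changed

# Constructed sample subschema dumps; names and OIDs are placeholders (assumptions).
REFERENCE = """dn: cn=schema
objectClasses: ( 2.5.6.6 NAME 'person' SUP top STRUCTURAL MUST ( sn $ cn ) )
objectClasses: ( 1.3.6.1.4.1.99999.2.1 NAME 'exampleCampusAccount' SUP top
  AUXILIARY MAY ( exampleCampusId ) )
objectClasses: ( 1.3.6.1.4.1.99999.2.2 NAME 'exampleCampusGroup' SUP top AUXILIARY MAY ( cn ) )
"""
CANDIDATE = """dn: cn=schema
objectClasses: ( 2.5.6.6 NAME 'person'  SUP top STRUCTURAL MUST ( sn $ cn ) )
objectClasses: ( 1.3.6.1.4.1.99999.2.2 NAME 'exampleCampusGroup' SUP top AUXILIARY )
"""
```

Calling `schema_drift(REFERENCE, CANDIDATE)` with the existing master as the reference returns two lists; both should be empty before the new server is promoted.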