[Date Prev][Date Next] [Chronological] [Thread] [Top]

Null suffix as default (ITS#723)

To: openldap-its@OpenLDAP.org
Subject: Null suffix as default (ITS#723)
From: pmasarati@bci.it
Date: Sun, 10 Sep 2000 20:06:48 GMT

Full_Name: Pierangelo Masarati
Version: 2.0.1
OS: Linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (151.29.251.242)


In OpenLDAP 1.2 and earlier I could set an ldbm backend suffix as:

suffix "o=My Org,c=IT"
suffix ""

and this used to allow to operate searches on the backend with a null search
base, e.g.

ldapsearch -b "" objectclass=*

would yield all the entries with base "o=My Org,c=IT"

This is no longer true in OpenLDAP 2.0; I temporarily fixed the problem with
the patch you may find at 

http://mbdyn.aero.polimi.it/~masarati/Download/openldap-2.0.1-default-suffix-hack.patch

by adding a configuration directive 

defaultSuffix	"o=My Org,c=IT"

which allows to substitute a null ("") search base with the default one (it is
configurable 
by adding --enable-default-suffix-hack at configure time). This feature is key
to my 
application, because I should otherwise reconfigure some 25,000 clients which
presently
work with a "" base on a directory with non-null suffix.

The point is: was the feature I mentioned intended in OpenLDAP 1.2 or was it
kind of
a bug? And in case it was intended, why isn't it supported any longer in
OpenLDAP 2.0?
If my patch seems reasonable, feel free to use it; there is no copyright notice
since it is nothing but a few lines of code. If you need one, let me know.


Bye, Pierangelo Masarati
<ando@sys-net.it>

Prev by Date: slurpd -r buffer overflow (ITS#722)
Next by Date: slapd core dumped (ITS#724)
Index(es):
- Chronological
- Thread