[Date Prev][Date Next] [Chronological] [Thread] [Top]

referrals and one level searches (ITS#818)

To: openldap-its@OpenLDAP.org
Subject: referrals and one level searches (ITS#818)
From: markwhitehouse@home.com
Date: Tue, 10 Oct 2000 22:57:47 GMT

Full_Name: Mark Whitehouse
Version: 2.0.6
OS: Linux RH 6.2
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (24.0.41.53)


Hi,

LDAP one level searches do not seem to work correctly when a referral is
involved in the result set.

As an example, I have an LDAP server with the following referral:

  dn: ou=devices,dc=foo,dc=com
  ou: devices
  ref: ldap://host/ou=devices,dc=foo,dc=com
  objectclass: referral
  objectclass: extensibleObject

If I issue the following ldapsearch:

  ldapsearch -b 'dc=foo,do=com' -s one -P 3 -a always -C -x '(objectclass=*)'

The search returns the entries below dc=foo,dc=com and the entries *below*
ou=devices,dc=foo,dc=com.  This seems to be incorrect as a one level search
should return the entries directly below dc=foo,dc=com including the one
dreferenced referral entry.

My guess is that the slapd code, on encoutering a referral is passing the search
onto the referral server without modifying the scope of the search.  i.e. a one
level search should be translated to a base level search to be sent to the
referral server.

Mark

Prev by Date: References with empty dn (ITS#817)
Next by Date: Re: Keep getting "connection from unknown (10.205.209.79) denied" (ITS#815)
Index(es):
- Chronological
- Thread