[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP searches don't work unless they're wildcards
1) You don't say what version of the software (server, client)
you're using
2) you say you played with indices; did you rebuild them,
by chance (i.e. run slapindex after changing slapd.conf)?
p.
> Hey lists,
>
> My problem is that searches for valid ldap entries return no results,
> unless the last character in the search is a wildcard. e.g.
> ***************************
> [server]:/# ldapsearch -xh localhost -b "o=GSAT Ltd" "cn=andrew hosie"
> mail version: 2
> #
> # filter: cn=andrew hosie
> # requesting: mail
> #
> # search result
> search: 2
> result: 0 Success
> # numResponses: 1
> ***************************
> [server]:/# ldapsearch -xh localhost -b "o=GSAT Ltd" "cn=andrew hosie*"
> mail version: 2
> #
> # filter: cn=andrew hosie*
> # requesting: mail
> #
> # hosie, GSAT Ltd
> dn: uid=hosie, o=GSAT Ltd
> mail: hosie@gsat.net.au
> # minime, GSAT Ltd
> dn: uid=minime, o=GSAT Ltd
> mail: minime@gsat.net.au
> # search result
> search: 2
> result: 0 Success
> # numResponses: 3
> # numEntries: 2
> ***************************
> Note: cn is not the only attribute tested, uid, mail, givenName and so
> on, all result in the same failure.
>
> The server is:
> * Linux kernel 2.4.18
> * Debian woody (3.0r1) build
> * OpenLDAP: slapd 2.0.23-Release
>
> I've analysed the content of entries returned with wildcard searches -
> there aren't any extra characters at the end of the cn.
>
> I also thought it could be to do with the index's so I altered the
> following: [/etc/ldap/schema/gsat/slapd.dynamic_ldbm.conf]
> ------------------------
> index aci pres
> index cn pres,eq,sub
> index sn pres,eq,sub
> index givenName pres,eq,sub
> index mail pres,eq,sub
> index telephoneNumber pres,eq,sub
> index ntUserDomainId pres,eq,sub
> index uid eq
> index changenumber eq
> index uniquemember eq
> index member eq
> index owner eq
> index seeAlso eq
> ------------------------
> To reflect "index uid sub" - still no good.
>
> I'm lost for ideas.
>
> Any assistance will be appreciated.
>
> P.S. /might/ have something to do with it - the schema is not default
> OpenLDAP - it's built 99% from converted NDS schema entries. Schema:
> http://www.gsat.net.au/openldap_schema.tar.gz [11.2KB]
>
> Thanks,
>
> Andrew Hosie
> GSAT Technical Consultant
> Ph: 1300 65 4728
> Ph: +61 3 5227 8022
> Fax: +61 3 5227 8023
> http: www.gsat.net.au
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it