[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: lookups on multivalued field fails
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
kevin@hcico.com wrote:
| I am experiencing a very strange problem. I am trying to do lookups from
| my mail system directly into the LDAP server. After several unsuccessful
| attempts, I decided to try the querries in other ways. The bottom line is
| that I do not seem to have my OpenLDAP set up correctly. I am
| experiencing not only lookup failures in Postfix, but also SaslAuthd and
| the command line. So, my first order is to look at the command line, and
| see if I can figure out what is wrong there. However this seems to be
| quite puzzling. I can look up a record by the mail field, but not the
| mailAlternateAddress fields:
|
| [root@ruby root]# ldapsearch -x uid=kevin mail mailAlternateAddress
| # extended LDIF
| #
| # LDAPv3
| # base <> with scope sub
| # filter: uid=kevin
| # requesting: mail mailAlternateAddress
| #
|
| # Kevin Fries, People, example.com
| dn: cn=Kevin Fries,ou=People,dc=example,dc=com
| mail: Kevin.Fries@example.com
| mailAlternateAddress: kfries@example.com
| mailAlternateAddress: kgf@example.com
| mailAlternateAddress: kevin@example.com
|
| # search result
| search: 2
| result: 0 Success
|
| # numResponses: 2
| # numEntries: 1
|
| [root@ruby root]# ldapsearch -x mail=kevin.fries@example.com mail
| mailAlternateAddress
| # extended LDIF
| #
| # LDAPv3
| # base <> with scope sub
| # filter: mail=kevin.fries@example.com
| # requesting: mail mailAlternateAddress
| #
|
| # Kevin Fries, People, example.com
| dn: cn=Kevin Fries,ou=People,dc=example,dc=com
| mail: Kevin.Fries@example.com
| mailAlternateAddress: kfries@example.com
| mailAlternateAddress: kgf@example.com
| mailAlternateAddress: kevin@example.com
|
| [root@ruby root]# ldapsearch -x mailAlternateAddress=kevin@example.com
| mail mailAlternateAddress
| # extended LDIF
| #
| # LDAPv3
| # base <> with scope sub
| # filter: mailAlternateAddress=kevin@example.com
| # requesting: mail mailAlternateAddress
| #
|
| # search result
| search: 2
| result: 0 Success
|
| # numResponses: 1
|
| In slapd.conf I have both of these lines, so that searches are optomized:
|
| index mailAlternateAddress eq
| index mail sub,eq
|
| So why can I find a person by primary email address, but not an alias
| address? This seems strange to say the least.
|
Did you recently change any index settings (specifically the
mailAlternateAddress)? If so, did you slapindex afterwards? This is
quite important ... (as far as I understand, if you have an index set,
openldap will only search the index - since it would be useless
performance wise on negatives to search the entire db - and if you
haven't got up-to-date indexes, such as if you haven't been indexing the
attribute before, searches on the attribute *will* fail).
| I also thought that it could be the schema (i.e. can't search by fields
| defined in the qmailuser schema), but I am able to search by
| mailMessageStore and retrieve the correct record. So, that theory got
| blown to heck in a hurry. So I am back to the multivalued field as the
| most likely culprit.
I am working on a similar system, except that we don't use the primary
mail, *only* mailAlternateAddress, with no problems.
Regards,
Buchan
- --
Buchan Milne Senior Support Technician
Obsidian Systems http://www.obsidian.co.za
B.Eng RHCE (803004789010797)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFAzYVRrJK6UGDSBKcRAoZ/AJ0Z5L0O8GXB9LD6wKKtUoD/zvmt3QCfTMo9
eotp+E8oTyXsm2iXquD/uXY=
=CSL/
-----END PGP SIGNATURE-----