[Date Prev][Date Next] [Chronological] [Thread] [Top]

Indexing attribute forbids accessing associated records



Hello,

I am trying to use LDAP for unix authentication. I use slapd 2.1.30 on debian sarge. I populated the directory, set up pam and nss.
It works fine with ssh, su, sudo ...


But I cannot index the attributes I use to access data. There is probably something obvious I missed, but ...

When I index uid attribute with
index  uid     eq
the record isn't found anymore.

if I
ldapsearch -x -b 'dc=example,dc=com' '(uid=test)'
I get the result if this attribute isn't indexed, and the trace in the log looks like this:


*without 'index uid eq' in slapd.conf*
Jan 29 10:41:13 vl5 slapd[6625]: conn=207 op=1 SRCH base="dc=example,dc=com" scope=2 filter="(uid=test)"
Jan 29 10:41:13 vl5 slapd[6625]: <= bdb_equality_candidates: (uid) index_param failed (18)
Jan 29 10:41:13 vl5 slapd[6626]: conn=207 op=2 UNBIND
Jan 29 10:41:13 vl5 slapd[6625]: conn=207 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
^^^^^
Jan 29 10:41:13 vl5 slapd[6625]: conn=207 fd=20 closed


*with 'index uid eq' in slapd.conf*
Jan 29 10:43:42 vl5 slapd[8714]: conn=0 op=1 SRCH base="dc=example,dc=com" scope=2 filter="(uid=test)"
Jan 29 10:43:42 vl5 slapd[8713]: conn=0 op=2 UNBIND
Jan 29 10:43:42 vl5 slapd[8714]: conn=0 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
^^^^^
Jan 29 10:43:42 vl5 slapd[8714]: conn=0 fd=13 closed




--
guy marcenac