On Wednesday 28 June 2006 04:15, Jason Lixfeld wrote: > So I'm having a little trouble understanding why I can't filter an > attribute in one DN, but I can filter an attribute in another DN: > > Here's the first search, to show the dn and attribute (o: > example.com) actually exists: > > # ldapsearch -x -D "cn=Manager,dc=example,dc=ca" -W -b > 'ou=hosting,ou=mail,dc=example,dc=ca' -s one o > Enter LDAP Password: > # extended LDIF > # > # LDAPv3 > # base <ou=hosting,ou=mail,dc=example,dc=ca> with scope oneLevel > # filter: (objectclass=*) > # requesting: o > # > > # example.com, hosting, mail, example.com > dn: o=example.com,ou=hosting,ou=mail,dc=example,dc=ca > o: example.com > > # search result > search: 2 > result: 0 Success > > # numResponses: 2 > # numEntries: 1 > > If I try a more specific search, filtering for the same attribute > that was returned in the previous search, and only requesting the o > attribute, it comes up with nothing and I don't understand why. I've > tried one, sub and children, off chance I just don't understand my > own directory hierarchy, but it seems I do: > > # ldapsearch -x -D "cn=Manager,dc=example,dc=ca" -W -b > 'ou=hosting,ou=mail,dc=example,dc=ca' -s one '(o=example.com)' o > Enter LDAP Password: > # extended LDIF > # > # LDAPv3 > # base <ou=hosting,ou=mail,dc=example,dc=ca> with scope oneLevel > # filter: (o=example.com) > # requesting: o > # > > # search result > search: 2 > result: 0 Success > > # numResponses: 1 My first guess would be that you have changed/add indexing on the o attribute without re-indexing. slapd looks in the index, finds no matching attribute in the index, and there's no point in it looking further (or the index is useless). Update the indexes by running 'slapdindex' while slapd isn't running, and it should work (or, you have another problem). Regards, Buchan -- Buchan Milne ISP Systems Specialist B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)
Attachment:
pgpHtiqPki6cO.pgp
Description: PGP signature