[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Missing something with filters and/or attributes

That fixed it; thank you!

On 28-Jun-06, at 8:35 AM, Buchan Milne wrote:

On Wednesday 28 June 2006 04:15, Jason Lixfeld wrote: 
So I'm having a little trouble understanding why I can't filter an
attribute in one DN, but I can filter an attribute in another DN:

Here's the first search, to show the dn and attribute (o:
example.com) actually exists:

# ldapsearch -x -D "cn=Manager,dc=example,dc=ca" -W -b
'ou=hosting,ou=mail,dc=example,dc=ca' -s one o
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <ou=hosting,ou=mail,dc=example,dc=ca> with scope oneLevel
# filter: (objectclass=*)
# requesting: o
#

# example.com, hosting, mail, example.com
dn: o=example.com,ou=hosting,ou=mail,dc=example,dc=ca
o: example.com

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

If I try a more specific search, filtering for the same attribute
that was returned in the previous search, and only requesting the o
attribute, it comes up with nothing and I don't understand why.  I've
tried one, sub and children, off chance I just don't understand my
own directory hierarchy, but it seems I do:

# ldapsearch -x -D "cn=Manager,dc=example,dc=ca" -W -b
'ou=hosting,ou=mail,dc=example,dc=ca' -s one '(o=example.com)' o
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <ou=hosting,ou=mail,dc=example,dc=ca> with scope oneLevel
# filter: (o=example.com)
# requesting: o
#

# search result
search: 2
result: 0 Success

# numResponses: 1


My first guess would be that you have changed/add indexing on the o attribute
without re-indexing. slapd looks in the index, finds no matching attribute in
the index, and there's no point in it looking further (or the index is
useless).

Update the indexes by running 'slapdindex' while slapd isn't running, and it
should work (or, you have another problem).

Regards,
Buchan


--
Buchan Milne
ISP Systems Specialist
B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)