> > > > > > What are the searches being run (from your slapd.log)? > > > > > > > The ldap.log contains > > > > Aug 27 12:36:24 msldap01 slapd2.4[22363]: connection_get(21) > > Aug 27 12:36:24 msldap01 slapd2.4[22363]: SRCH "" 0 3 > > Aug 27 12:36:24 msldap01 slapd2.4[22363]: 0 30 0 > > Aug 27 12:36:24 msldap01 slapd2.4[22363]: filter: (objectClass=*) > > Aug 27 12:36:24 msldap01 slapd2.4[22363]: attrs: > > Aug 27 12:36:24 msldap01 slapd2.4[22363]: namingcontexts > > Aug 27 12:36:24 msldap01 slapd2.4[22363]: > > Aug 27 12:36:24 msldap01 slapd2.4[22363]: send_ldap_result: err=0 > > matched="" text="" > > Aug 27 12:36:24 msldap01 slapd2.4[22363]: connection_get(21) > > Aug 27 12:36:24 msldap01 slapd2.4[22363]: connection_get(21) > > Aug 27 12:36:24 msldap01 slapd2.4[22363]: SRCH "dc=ldn,dc=sw,dc=com" 2 3 > > Aug 27 12:36:24 msldap01 slapd2.4[22363]: 0 30 0 > > Aug 27 12:36:24 msldap01 slapd2.4[22363]: filter: > > (&(objectClass=nisDomainObject)(nisDomain=ldn.sw.com)) > > Aug 27 12:36:24 msldap01 slapd2.4[22363]: attrs: > > Aug 27 12:36:24 msldap01 slapd2.4[22363]: > > Aug 27 12:36:24 msldap01 slapd2.4[22363]: send_ldap_result: err=32 > > matched="" text="" > > Aug 27 12:36:24 msldap01 slapd2.4[22363]: connection_get(21) > > > So that one failed with LDAP_NO_SUCH_OBJECT (err=32). OOI - How do you know err=32 means LDAP_NO_SUCH_OBJECT? > > > Which balances out your next statement :-) > > > > > Do the work? > > > > > > The first search '(&(objectClass=nisDomainObject)(nisDomain=your > > > domain')) should return your nisDomain, the next the profile. > > > > I think I got the query syntax correct on the query > > > > [root@msldap01 ~]# ldapsearch2.4 -h 10.2.250.15 -D > > cn=proxyagent,ou=profile,dc=ldn,dc=sw,dc=com -w xxxxx-b > > dc=ldn,dc=sw,dc=com > > "(&(objectClass=nisDomainObject)(nisDomain=ldn.sw.com))" > > Just -h 10.2.250.15 -x -b 'dc=ldn,dc=sw,dc=com' > "(&(objectClass=nisDomainObject)(nisDomain=ldn.sw.com))" should match > the scripted search. > OK - I ran ldapsearch2.4 -h 10.2.250.15 -D cn=proxyagent,ou=profile,dc=ldn,dc=sw,dc=com -w xxxxx -x -b 'dc=ldn,dc=sw,dc=com' It showed me everything in the LDAP tree, Last few lines are # search result search: 2 result: 0 Success # numResponses: 310 # numEntries: 309 Which seems to work OK. The log output says Aug 31 09:38:00 msldap01 slapd2.4[22363]: connection_get(21) Aug 31 09:38:00 msldap01 slapd2.4[22363]: ==> bdb_bind: dn: cn=proxyagent,ou=profile,dc=ldn,dc=sw,dc=com Aug 31 09:38:00 msldap01 slapd2.4[22363]: send_ldap_result: err=0 matched="" text="" Aug 31 09:38:00 msldap01 slapd2.4[22363]: connection_get(21) Aug 31 09:38:00 msldap01 slapd2.4[22363]: SRCH "dc=ldn,dc=sw,dc=com" 2 0 Aug 31 09:38:00 msldap01 slapd2.4[22363]: 0 0 0 Aug 31 09:38:00 msldap01 slapd2.4[22363]: filter: (objectClass=*) Aug 31 09:38:00 msldap01 slapd2.4[22363]: attrs: Aug 31 09:38:00 msldap01 slapd2.4[22363]: Aug 31 09:38:00 msldap01 slapd2.4[22363]: connection_get(21) Aug 31 09:38:00 msldap01 slapd2.4[22363]: send_ldap_result: err=0 matched="" text="" Aug 31 09:38:01 msldap01 slapd2.4[22363]: connection_get(21) > > # extended LDIF > > # > > # LDAPv3 > > # base <dc=ldn,dc=sw,dc=com> with scope subtree > > # filter: (&(objectClass=nisDomainObject)(nisDomain=ldn.sw.com)) > > # requesting: ALL > > # > > > > # ldn.sw.com > > dn: dc=ldn,dc=sw,dc=com > > and that one worked. Compare the log entry for the manual search with > the scripted one. > > -- > Ian. > |