On 27.09.2013 15:53, Hallvard Breien Furuseth wrote:
Birgit Ohlenbusch writes:A wildcard search like ldapsearch (...) uid='xyzzs*' uid lists only three entries: (...) dn: uid=xyzzs146,ou=Accounts,xx uid: xyzzs146 dn: uid=xyzzs147,ou=Accounts,xx uid: xyzzs147 dn: uid=xyzzs148,ou=Accounts,xx uid: xyzzs148 though there exists more, which can be displayed with ldapsearch not specifying a filter or by specifying the object (...) Reindexing with slapindex solved the problem, ldapsearch with uid='xyzzs*' shows all those entries, not only three. But I'm afraid that this happens again. Can you tell me how somethink like this can happen and how I can prevent such a situation?Your 'uid' index thought only three entries existed in the search scope. A search without an uid filter worked because it did not use the index. Maybe you edited slapd.conf and inserted an uid index without running slapindex. Thata index would initially be empty, telling slapd there were no entries matching the filter. Later you added these three entries, which did get indexed. The fix is to always run slapindex after editing the indexes. Or switch to using cn=config and modify the configuration over the LDAP protocol, then the attributes get reindexed automatically.
Thankyou for your fast response and explanation. We are using cn=config and are modifying the index with ldapmodify, so over the LDAP protocoll.But - what can cause an index getting empty? Maybe a restart of the slapd? Or not optimal settings for the hdb database parameters?
And: Is it possible to check if the index is correct? Best Regards Birgit
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature