
Re: Search issue (objectclass=person) (Possible dupe email)



On 2014-05-16 11:33, Ryan Tandy wrote:
On Fri, May 16, 2014 at 7:13 AM, Tuc <ml@t-b-o-h.net> wrote:
We're having an issue with a slightly older version of OpenLDAP (2.4.23-26
on CentOS). Using Apache Directory Studio I do a search:

"(objectclass=person)" on a search base of "ou=People,dc=example,dc=com"

This should be the easiest and simplest search in the world. However, I get
entries like:

dn: uid=PLACEHOLDER_example_agent,ou=People,dc=example,dc=com
objectClass: top
objectClass: posixAccount
objectClass: inetOrgPerson
cn: PLACEHOLDER_example agent
gidNumber: 100
homeDirectory: /home/example_agent
sn: agent
uid: PLACEHOLDER_example_agent
uidNumber: 621
givenName: example
loginShell: /bin/bash
userPassword:: DELETED

and

dn: uid=BDTestUser,ou=People,dc=example,dc=com
objectClass: top
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: BD
sn: User
displayName: BD User
givenName: BD
mail: seo@example.com
mobile: +1 1111111111
ou: Sales
telephoneNumber: +1 222222222
title: BD Sample User
uid: BDTestUser
userPassword:: DELETED

Where am I going wrong?

organizationalPerson is a subclass of person, and inetOrgPerson is a
subclass of organizationalPerson, so the entries above implicitly have
the person objectClass. Have a look through the schema files.

Is there some way I can modify the query to only get ones that would look like:

dn: uid=tuc,ou=People,dc=example,dc=com
objectClass: radiusprofile
objectClass: pwmUser
objectClass: top
VVVVVVVVVVVVVVVVVVV
objectClass: person
^^^^^^^^^^^^^^^^^^^
objectClass: posixAccount
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: DELETED
gidNumber: 100
homeDirectory: /home/tuc
sn: DELETED
uid: tuc
uidNumber: DELETED
dialupAccess: TRUE
displayName: DELETED
givenName: DELETED
loginShell: /bin/bash
mail: tuc@example.com
mobile: +1 DEL ETE D!!!
ou: Tech
telephoneNumber: +1 DEL ETE D!!!
title: Network Janitor
userPassword:: DELETED
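
Added example, not part of the original thread: a Python sketch of the subclass-aware objectClass matching described in the reply above, run over the objectClass values of the three entries quoted in the thread. The SUP map covers only the standard person chain; classes outside it (posixAccount, radiusprofile, pwmUser) are treated as having no superior for this illustration, and `explicit_match` is a hypothetical client-side post-filter, not an OpenLDAP feature.

```python
# Superior (SUP) chain of the structural classes named in the thread.
# Keys and values are lowercased because LDAP names are case-insensitive.
SUP = {
    "person": "top",
    "organizationalperson": "person",
    "inetorgperson": "organizationalperson",
}

# objectClass values copied from the three entries quoted in the thread.
ENTRIES = {
    "uid=PLACEHOLDER_example_agent,ou=People,dc=example,dc=com":
        ["top", "posixAccount", "inetOrgPerson"],
    "uid=BDTestUser,ou=People,dc=example,dc=com":
        ["top", "organizationalPerson", "inetOrgPerson"],
    "uid=tuc,ou=People,dc=example,dc=com":
        ["radiusprofile", "pwmUser", "top", "person", "posixAccount",
         "organizationalPerson", "inetOrgPerson"],
}

def expand(oc):
    """Return oc followed by every superior class it inherits from."""
    chain, cur = [], oc.lower()
    while cur is not None and cur not in chain:
        chain.append(cur)
        cur = SUP.get(cur)  # unknown classes end the chain (assumption)
    return chain

def server_match(entry_classes, asserted):
    """(objectClass=asserted) with inheritance: a listed class matches if it
    is the asserted class or a subclass of it."""
    want = asserted.lower()
    return any(want in expand(oc) for oc in entry_classes)

def explicit_match(entry_classes, asserted):
    """Client-side check: the asserted class is literally listed on the entry."""
    want = asserted.lower()
    return any(oc.lower() == want for oc in entry_classes)

def search(asserted, explicit_only=False):
    """Return the DNs from ENTRIES that satisfy the chosen test."""
    test = explicit_match if explicit_only else server_match
    return [dn for dn, ocs in ENTRIES.items() if test(ocs, asserted)]

if __name__ == "__main__":
    print("inheritance-aware:", search("person"))
    print("explicitly listed:", search("person", explicit_only=True))
```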