Re: (ITS#5208) OpenLDAP w/ multiple bdb backends provides invalid paged result responses

[ghenry@OpenLDAP.org]

hume-ml@bofh.ca wrote:
> Full_Name: Brandon Hume
> Version: 2.3.38
> OS: OpenSolaris/Redhat Linux AS3
> URL: 
> Submission from: (NULL) (129.173.2.54)
> 
> 
> When OpenLDAP is serving a tree split into multiple backends (for whatever
> reasons someone might do so), searching with the paged result control against
> the base DN and ranging across the subordinate trees causes a paged result
> cursor to be provided for each backend. 
> 
> ie: With a config such as:
> 
> database        bdb
> directory       /opt/csw/var/openldap/people
> suffix          "ou=People,dc=example,dc=com"    
> subordinate                             
> rootdn          "cn=NOC,dc=example,dc=com"
>                                      
> database        bdb                  
> directory       /opt/csw/var/openldap/default
> suffix          "dc=domain,dc=com"               
> rootdn          "cn=NOC,dc=domain,dc=com"
> rootpw          {SSHA}[...]
> 
> 
> A search such as the following:
>     ldapsearch -h localhost -x -E pr=2 -b dc=dal,dc=ca '(objectclass=*)'
> 
> ... will produce the following result/control response:
> 
> [...]
> # search result
> search: 2
> result: 0 Success
> control: 1.2.840.113556.1.4.319 false MAkCAQAEBAIAAAA=
> control: 1.2.840.113556.1.4.319 false MAkCAQAEBP////8=
> Press [size] Enter for the next {2|size} entries.
> 
> 
> This has the effect of causing the next paged result to fail, since one of the
> two values is not correct and is rejected by the server.
> 
> 

Where is "dc=dal,dc=ca" set?

-- 
Kind Regards,

Gavin Henry.
OpenLDAP Engineering Team.

E ghenry@OpenLDAP.org

Community developed LDAP software.

http://www.openldap.org/project/