[Date Prev][Date Next] [Chronological] [Thread] [Top]

ldapsearch weird results - wild card not working as expected

To: openldap-bugs@openldap.org
Subject: ldapsearch weird results - wild card not working as expected
From: Simon McGregor <smcgregor@domainagedcare.com.au>
Date: Tue, 10 Mar 2009 11:10:14 +1000
Content-disposition: inline
Organization: Domain Aged Care
User-agent: KMail/1.9.10

I wrote a script to add groups to my ldap directory

---------------------------------
#!/bin/sh

# Get the latest gid
gidlast="`ldapsearch -x "cn=*"  -b "ou=Group,dc=mydomain,dc=com" -h myserver |
grep gidNumber | awk '{ print $2 }' | sort -u | tail -n 1`"
newgid="`echo "$gidlast + 1" | bc`"

echo "newgid: $newgid"

# Make the Mods
echo "dn: cn=$1,ou=Group,dc=mydomain,dc=com" > /tmp/modify.ldap
echo "changetype: add"  >>   /tmp/modify.ldap
echo "objectClass: posixGroup"  >>   /tmp/modify.ldap
echo "objectClass: top"  >>   /tmp/modify.ldap
echo "cn: $1" >>   /tmp/modify.ldap
echo "gidNumber: $newgid" >>   /tmp/modify.ldap

# Run the Update
ldapmodify -x -f /tmp/modify.ldap -h myserver -D
cn=Manager,dc=mydomain,dc=com -w mypasswd

----------------------------------

This correctly creates a new group
eg.

./mkgroup.sh mygroup01

$ ldapsearch -x "cn=mygroup01" -h myserver

produces ->

# mygroup01, Group, mydomain.com
dn: cn=mygroup01,ou=Group,dc=mydomain,dc=com
objectClass: posixGroup
objectClass: top
cn: mygroup01
gidNumber: 7435
memberUid: dummyuser

The issue is the following:

$ ldapsearch -x "cn=mygroup*"  -b "ou=Group,dc=mydomain,dc=com" -h myserver |
grep gidNumber | awk '{ print $2 }' | sort -u | tail -n 1

returns the result
7435

$ ldapsearch -x "cn=*"  -b "ou=Group,dc=mydomain,dc=com" -h myserver | grep
gidNumber | awk '{ print $2 }' | sort -u | tail -n 1

returns the result
7434

In other words the wild card is not picking up the new group even though it is
actually there. Perhaps someone can show me the error of my ways but I think
both results should return the same value

I am running centos 5 with
openldap-clients-2.3.27-8.el5_2.4
openldap-servers-2.3.27-8.el5_2.4
openldap-2.3.27-8.el5_2.4
openldap-devel-2.3.27-8.el5_2.4





The information contained in this email and any attachments is strictly confidential. If you are not the intended recipient you must not disclose or use the information contained in it. If you have received this email in error please notify us immediately by return email and delete the document. Domain Principal Pty Ltd accepts no liability for any loss or damage caused by this email or its attachments due to viruses interference interception corruption or unauthorised access.

Follow-Ups:
- Re: ldapsearch weird results - wild card not working as expected
  - From: Quanah Gibson-Mount <quanah@zimbra.com>

Prev by Date: Re: (ITS#6010) substitution for acl sets
Next by Date: Re: ldapsearch weird results - wild card not working as expected
Index(es):
- Chronological
- Thread