search on objectClass: posixAccount yielding no results

Hi,

I am running openldap-2.0.27 on CentOS 3.x. The database directory
already existed - I had a machine die and I copied over the directory,
edited slapd.conf and started openldap. LDAP is being used successfully
by Courier's authlib for authentication. Life was good.

Now I'm trying to get another app working with openldap and a particular
search is failing, and it doesn't seem to make sense to me.

I've tried this search using ldapsearch:
"(&(objectClass=posixAccount)(uid=username))" and it returns zero
results. However, just "(uid=username)" returns the correct result.
Even just "(objectClass=posixAccount)" returns zilch. However,
"(objectClass=person)" returns all the accounts in ldap and
"(&(objectClass=person)(uid=username))" returns the correct result.

So, why is "(objectClass=posixAccount)" not working? All the accounts
have objectClass: posixAccount. Here is an example of the ldif for one
of the accounts:

dn: uid=slutrin,o=herdomain.com,ou=domains,dc=mydomain,dc=com
cn: Sandy Lutrin
sn: Lutrin
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: qmailUser
objectClass: posixAccount
uidNumber: 510
gidNumber: 510
mail: slutrin@herdomain.com
mailhost: herdomain.com
homeDirectory: /home/domains/herdomain.com/slutrin
uid: slutrin
userPassword:: **deleted**

Here are my slapd.conf contents:

include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/redhat/autofs.schema
include /etc/openldap/schema/redhat/kerberosobject.schema
include /etc/openldap/schema/authldap.schema

database ldbm
suffix "dc=mydomain,dc=com"
rootdn "cn=Manager,dc=mydomain,dc=com"
rootpw **deleted**
directory /home/databases/ldap

index cn,sn,uid pres,eq
index objectClass eq

access to attr=userPassword
    by dn="cn=Manager,dc=mydomain,dc=com" write
    by dn="cn=Manager,dc=mydomain,dc=com" read
    by dn="cn=courier,dc=mydomain,dc=com" read
    by dn="cn=qmail,dc=mydomain,dc=com" read
    by self write
    by * auth

access to *
    by dn="cn=Manager,dc=mydomain,dc=com" write
    by dn="cn=Manager,dc=mydomain,dc=com" read
    by dn="cn=courier,dc=mydomain,dc=com" read
    by dn="cn=qmail,dc=mydomain,dc=com" read
    by self read
    by anonymous read

loglevel 4